Why the Comodo hype?

[Solarlynx]

sorry my mistake, HIP = typo, I meant autosandbox, sorry edited

thanx for clearing up, me edited as well

Sooner or later, you will be forced to make decisions about certain programs/processes that you want to run -- whether you use Voodoshield or COMODO or anything else. You can't get away from it. Believe me, I've tried. You gotta take responsibility for what you install/run, like it or not.

So you might as well use NoVirusThanks EXE Radar Pro. It's just as free, it's a lot less buggy, and it really works. You just have to learn how to edit a command line. That's merely a matter of putting an asterisk in the right place. That is a lot easier than troubleshooting bugs...

Actually making decisions refers to all 3: Comodo, VS, NVT ERP. I agree that NVT ERP is most trouble free. But Comodo is the most powerful.

 

[shmu26]

thanx for clearing up, me edited as well


Actually making decisions refers to all 3: Comodo, VS, NVT ERP. I agree that NVT ERP is most trouble free. But Comodo is the most powerful.

right you are, NVT ERP actually gives you very little help in making decisions.

About "powerful": if you sandbox your browsers (and possibly other apps) with COMODO, you are using its extra power. If not, keep in mind that Voodoo and NVT ERP will give you a lot of built-in protection for vulnerable processes. This is important in thwarting fileless exploits through browser, PDF reader, etc.

 

[motox781]

Sooner or later, you will be forced to make decisions about certain programs/processes that you want to run -- whether you use Voodoshield or COMODO or anything else. You can't get away from it. Believe me, I've tried. You gotta take responsibility for what you install/run, like it or not.

So you might as well use NoVirusThanks EXE Radar Pro. It's just as free, it's a lot less buggy, and it really works. You just have to learn how to edit a command line. That's merely a matter of putting an asterisk in the right place. That is a lot easier than troubleshooting bugs...

I have to disagree here. Its not about getting 'away' from it, its about limiting it. My opinion: the more popups (unless manually configured that way), the lazier the AV company.

I serve the general public in technology, as do the AV manufacturers. Most people do not have time to sit around all day making decisions about apps wanting to change this or do that. I think that style of AV computing is archaic and will eventually get surpassed by newer and faster AI systems that genuinely don't need to rely on any human interaction for decisions.

Thanks for your comments though!

 

[shmu26]

I don't have time to sit around all day making decisions about apps wanting to change this or do that.

me neither. I have NVT ERP set to trust protected system processes, and also the program folder, so I won't get those stupid prompts.
But you will discover pretty quick that some software you want/need to run is not on the COMODO whitelist, so you will have to decide on your own whether to trust it or not. That was basically my point.

 

[AtlBo]

look, if COMODO would be both easy and effective, they wouldn't be able to sell their premium tiers. They have to either make it hard, or charge for it.

100% it is correct to bring up the money issue. However, I feel devs should focus for money on the built in 500 million or so workstations owned and operated by businesses and corporations. Comodo, VoodooShield, and Sandboxie are in a perfect position to be present even on large networks IF the devs can find a way to focus on the bugs and deliver what works of their product to these potential customers. And these products have the potential to achieve a wide usage base, too.

So what do business managers expect? Well, lightweight and reliable for sure and also primarily hands off. They also want invisible and they want network control software. They want IT to be able to monitor what happens with the software and control its settings, and they don't want their employees having to fuss with its functionality. A-V products are going to be on business computers, so what the devs of these security companies should do is work behind the scenes to create a bulletproof solution for business and add to ever present a-v protection. I mean bulletproof in the sense that the app can't be "turned off" or bypassed and that the app does exactly what is stated with 100% reliability and no bugs.

The most important element of this is simplicity. Find the lowest common denominator of your software that delivers a reliable standard of workstation protection. Put it into one app and make it bulletproof and lower its profile. If the user won't be changing settings, is a system tray icon even required? Go with a splash screen on start up over a system tray icon, this kind of thing. VoodooShield's current way would work I would think. All the above, Comodo, VoodooShield, and Sandboxie have the potential to be a rage (in a good way) with business managers...if they can 100% meet the requirements to be in place on the workstations they oversee.

Now, these, Com, VS, and SB, can deliver the same product to users at home for free and consider it an advertising campaign. Or they can charge one time $10 for the app or some affordable number or amount. This is the potential benefit for home users. The question is, "Who will win over the devs for Com, VS, and SB that their ultimate success will come from building an app that stands up to the test of business leaders?"

VoodooShield is getting closer. I love that the full range of functions is available for free (other than changing fine settings). In all of them though, all the bugs must be overcome for the programs to be taken seriously by business leaders. I feel again that this is the challenge and what we should hope for from these apps. I can just imagine how much the programs can be improved in the quest to deliver on this challenge, too. It causes me to hope for the future. I just wish it were now, sometimes, having waited a long time for Comodo to wreck the counterlogical mess of its settings dialog and also then the bugginess...

 

[shmu26]

100% it is correct to bring up the money issue. However, I feel devs should focus for money on the built in 500 million or so workstations owned and operated by businesses and corporations. Comodo, VoodooShield, and Sandboxie are in a perfect position to be present even on large networks IF the devs can find a way to focus on the bugs and deliver what works of their product to these potential customers. And these products have the potential to achieve a wide usage base, too.

So what do business managers expect? Well, lightweight and reliable for sure and also primarily hands off. They also want invisible and they want network control software. They want IT to be able to monitor what happens with the software and control its settings, and they don't want their employees having to fuss with its functionality. A-V products are going to be on business computers, so what the devs of these security companies should do is work behind the scenes to create a bulletproof solution for business and add to ever present a-v protection. I mean bulletproof in the sense that the app can't be "turned off" or bypassed and that the app does exactly what is stated with 100% reliability and no bugs.

The most important element of this is simplicity. Find the lowest common denominator of your software that delivers a reliable standard of workstation protection. Put it into one app and make it bulletproof and lower its profile. If the user won't be changing settings, is a system tray icon even required? Go with a splash screen on start up over a system tray icon, this kind of thing. VoodooShield's current way would work I would think. All the above, Comodo, VoodooShield, and Sandboxie have the potential to be a rage (in a good way) with business managers...if they can 100% meet the requirements to be in place on the workstations they oversee.

Now, these, Com, VS, and SB, can deliver the same product to users at home for free and consider it an advertising campaign. Or they can charge one time $10 for the app or some affordable number or amount. This is the potential benefit for home users. The question is, "Who will win over the devs for Com, VS, and SB that their ultimate success will come from building an app that stands up to the test of business leaders?"

VoodooShield is getting closer. I love that the full range of functions is available for free (other than changing fine settings). In all of them though, all the bugs must be overcome for the programs to be taken seriously by business leaders. I feel again that this is the challenge and what we should hope for from these apps. I can just imagine how much the programs can be improved in the quest to deliver on this challenge, too. It causes me to hope for the future. I just wish it were now, sometimes, having waited a long time for Comodo to wreck the counterlogical mess of its settings dialog and also then the bugginess...

sounds good to me. let the businesses pay, and give good products to consumers for free or for cheap!

 

[shmu26]

I know per say, it doesn't have crazy hype, but why do some people like Comodo? Here's the simple way I look at Comodo technologies in a nut shell:

Default Deny that sandboxes unknowns...

Now correct me if I'm wrong, but if their detection lacks (which I've seen it do for years)...how can someone trust that their known list of good programs is accurate (false positives on newer good programs, etc)?

If the above is somewhat true, why not choose a company that has a more accurate 'up-to-date' list of known good files for default deny protection, which blocks the file instead of running it in some sandbox that doesn't allow the file to run properly half the time anyhow?

Idk, my two cents. Thanks.

but getting back to the original question: AVAST maintains a whitelist, utilized when AVAST is set to hardened mode/aggressive, and Kaspersky maintains a whitelist, utilized when KIS is set to Trusted Applications Mode. Also SecureAPlus has a list of trusted vendors, as does SpyShelter.

None of these lists will have everything you want, and there might be things you don't want. It's kind of hard to know. I think the best list is AVAST, but their hardened mode/aggressive is not strong enough.

 

[AtlBo]

I have a question that might help with why there could be an inability to hype Comodo for some. The question is an open ended query concerning how to utilize the capabilities of the firewall/other components to meet a certain required standard of protection. The question is: "How would you set up Comodo Firewall to satisfy normal, hardened, or heavy security requirements?"

With this question a 1000 other questions flood into the discussion with Comodo's products, and the settings appear disconnected from a user, who may be seeking even to refine their settings even further. Many may wish that connectivity, behavior monitoring, sandboxing, and standard a-v file examination all can be set separately to a specific required level for that feature. Some may want even more levels than 3, also. Even the best a-v products have limitations built into the program that come from devs' inability to so far present the challenge of computer security to the user. Users are at a loss to choose as a result and often they don't really know what they are getting. Additionally, to current security leveling options, there is a distinct on or off type of dialog with choices. Choosing medium means turning on a, b, and c features, while d and e are off. The ability to customize is often very limited.

With Comodo the problem is compounded with bugs and with settings which seem to me at least difficult to find, understand, and manage. So another question for a typical PC user of Comodo follows, "What does your program do?" Present to me options. Present to me preset configurations for specific protection requirements. If you want absolute control over who connects to your computer, OK, choose this configuration and then add full control via the configuration's specific connection settings.

Something along these lines would be amazing from Comodo and would bring users into the dialog and features of the program. I also think there would ultimately be great discussion and dialog about how to integrate features into such a configuration builder type of concept. To go along with this, the program could grow and evolve to meet more specific requirements of users within their choice of configuration(s).

Comodo, you may have the potential for greatness. However, users must feel that they have a program they can trust 100% and protection they can trust 100%. I wish the best for the devs in the future, and I do hope they find some formula that will satisfy the requirements of individual users, regardless of their requirements.

 

[shmu26]

COMODO has three ready-made configurations: Internet, Firewall, and Interactive.
Does someone understand how exactly this affects Autosandbox?
I know that in Interactive, which is the highest level, Autosandbox applies itself to the entire system.
What happens in the other two configs?

 

[XIII]

I've noticed that Firewall Security has Auto-Sandbox disabled by default. I believe it has to do with the default settings.

 

[shmu26]

I've noticed that Firewall Security has Auto-Sandbox disabled by default. I believe it has to do with the default settings.

and if you enable it, what happens? It behaves like the Internet Security config?
If I remember right, Internet Security applies Autosandbox only to downloads and maybe a couple other locations, but will ignore your program folder and Windows folder. Less protection, but less headache.

EDIT: In the Internet Security config, you should be able to safely delete the trusted vendors list, and also turn off the cloud lookup, and it won't bork your system.

COMODO experts: please correct if this is wrong

 

[XIII]

COMODO - Internet Security - This configuration is activated by default, when both Antivirus and Firewall components are installed, i.e. the complete installation. Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode. In this mode,

• Image Execution Control is disabled.

• Computer Monitor/Disk/Keyboard/DNS Client access/Window Messages are NOT monitored.

• Only commonly infected files/folders are protected against infection.

• Only commonly exploited COM interfaces are protected.

• Defense+ is tuned to prevent infection of the system.

COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine. All possible protections are activated and all critical COM interfaces and files are protected. During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration. If selected, Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode.

COMODO - Firewall Security - This configuration is activated when the user chooses to install Firewall only and selects optimum protection settings for Defense+ . Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode.

• Image Execution Control checks only applications that are not started manually by the user.

• Computer Monitor/Disk/Keyboard is NOT monitored.

• Only commonly infected files/folders are protected against infection.

• Only commonly exploited COM interfaces are protected.

• Defense+ is tuned to prevent infection of the system and detect Internet access request leaks even if it is infected.

Hope this helps.
Source: Comodo Preset Configurations | Comodo Internet Security | Comodo Internet Security v5.9/5.10

 

[shmu26]

COMODO - Internet Security - This configuration is activated by default, when both Antivirus and Firewall components are installed, i.e. the complete installation. Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode. In this mode,

• Image Execution Control is disabled.

• Computer Monitor/Disk/Keyboard/DNS Client access/Window Messages are NOT monitored.

• Only commonly infected files/folders are protected against infection.

• Only commonly exploited COM interfaces are protected.

• Defense+ is tuned to prevent infection of the system.

COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine. All possible protections are activated and all critical COM interfaces and files are protected. During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration. If selected, Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode.

COMODO - Firewall Security - This configuration is activated when the user chooses to install Firewall only and selects optimum protection settings for Defense+ . Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, Defense+ is set to Clean PC mode. Otherwise, the default is Safe mode.

• Image Execution Control checks only applications that are not started manually by the user.

• Computer Monitor/Disk/Keyboard is NOT monitored.

• Only commonly infected files/folders are protected against infection.

• Only commonly exploited COM interfaces are protected.

• Defense+ is tuned to prevent infection of the system and detect Internet access request leaks even if it is infected.

Hope this helps.
Source: Comodo Preset Configurations | Comodo Internet Security | Comodo Internet Security v5.9/5.10

after reading all this, I still don't know what the autosandbox does, or if it is even turned on or not.

 

[XIII]

The auto-sandbox is only configured and enabled in Proactive Security where it says "All possible protections are activated". In the other security settings, you will have to enable and configure auto-sandbox yourself.

 

[Ink]

No, there is no better whitelist for default/deny

Even Bit9?

 

[shmu26]

Even Bit9?

please tell me about it. I am not familiar.

 

[jamescv7]

Well we have to admit, that accepting constructive criticism became a hindrance for Comodo.

So even though its powerful however the usability became the downfall on the other hand.

Comodo being huge company already, it must consider practicality and extending the usability to other levels of users.

 

[Soulbound]

please tell me about it. I am not familiar.

Carbon Black Inc. solutions which are at Enterprises level.
Spawn is referring to Cb Protection module/service, which is Default Deny.

Basically works as a full lock down on a system, granted you set up the rules correctly from Admin.

 

[XIII]

How much does Bit9 cost?

 

[shmu26]

Carbon Black Inc. solutions which are at Enterprises level.
Spawn is referring to Cb Protection module/service, which is Default Deny.

Basically works as a full lock down on a system, granted you set up the rules correctly from Admin.

thanks. I assume it is not so appropriate for home users?