Wikileak documents show Governments couldn't penetrate Comodo Internet Security

Status
Not open for further replies.
Rolo

Rolo

Level 18
Verified
Jun 14, 2015
857
That and it's well after-the-fact...would really need a pre-FinFisher-announcement database.
 
D

Deleted member 2913

hjlbx said:
I already tested it on my W8.1 system using a sample provided here at MT Malware Hub: http://malwaretips.com/threads/finfisher-2015-06-02.46623/

In default config (Internet Security) CIS generates sandbox alert.

Using Proactive Security it generates both sandbox and HIPS alerts.
Click to expand...
Default generated sandbox alert & proactive generated sandbox & HIPS alerts.
So it seems default settings has HIPS disabled but as per Comodo even disabled...HIPS is not fully disabled. But I do think this not fully disabled HIPS may help sandbox in some way to generate sandbox alert but you will not get HIPS alert with default settings. I think HIPS disabled i.e default settings...passively works for sandbox in some way.
 
H

hjlbx

yesnoo said:
Default generated sandbox alert & proactive generated sandbox & HIPS alerts.
So it seems default settings has HIPS disabled but as per Comodo even disabled...HIPS is not fully disabled. But I do think this not fully disabled HIPS may help sandbox in some way to generate sandbox alert but you will not get HIPS alert with default settings. I think HIPS disabled i.e default settings...passively works for sandbox in some way.
Click to expand...

Not sure... like most technical details with CIS, Comodo does not explain - despite many inquiries regarding various technical details on the Comodo forum - even from Moderators and die-hard fanboys.

@yesnoo - my take is that HIPS disabled controls Notifications, Sandbox alerts... and purportedly... policy violation alerts. What exactly those policy violation alerts are exactly... what they look like, their content, which module generates them etc ... I do not know. It seems nobody knows.

@yesnoo - I think you might be the only one.
 
D

Deleted member 2913

hjlbx said:
Not sure... like most technical details with CIS, Comodo does not explain - despite many inquiries regarding various technical details on the Comodo forum - even from Moderators and die-hard fanboys.

@yesnoo - my take is that HIPS disabled controls Notifications, Sandbox alerts... and purportedly... policy violation alerts. What exactly those policy violation alerts are exactly... what they look like, their content, which module generates them etc ... I do not know. It seems nobody knows.

@yesnoo - I think you might be the only one.
Click to expand...
I am not an expert user but learned quite a few things from various forums but still not an advanced users when it comes to all the technicalities.

But I have followed & used Comodo right from version 2 & was a regular Comodo forum visitor.

Devs have always tried to make CIS easy & suitable for average users by minimizing alerts & still providing excellent protection & at the same time advanced options for experts.

When AutoSandbox default was "Partial Limited"...sometimes installing programs in sandbox there use to be HIPS alerts...not much only 2-3 type of alerts like registry, COM, etc... Later they enhanced autosandbox & those HIPS alerts were taken care of i.e with new enhancements users will not get those HIPS alerts & CIS will take the decision automatically to allow/block those actions.
Previously I had a spare system & use to test security software for personal reasons. And I tested CIS quite a few times after the enhancements to the autosandbox & never got those HIPS alerts or any HIPS alerts with CIS defaults.

Now AutoSandbox default is "Full Virtual". I have tested this too & have watched quite a few Youtube tests of CIS defaults against malware. In my tests & those Youtube tests too I never saw a single HIPS alert with CIS defaults.

So I quite believe CIS default will not generate HIPS alerts & disabled HIPS in default settings is used passively to help sandbox.

I would have asked these queries on Comodo forum. But now I dont visit the forum much & dont post much queries especially about CIS as not much reply nowadays on Comodo forum. Queries goes unnoticed & after sometime you too forget what queries you posted on what section. And sometimes I dont want to file a standard format for simple query or bug.
 
H

hjlbx

@yesnoo - if you have been using CIS since v. 2, then you are expert...

I post queries on Comodo forum, but in my experience, knowledgeable replies are virtually nonexistent. Once in a while I get lucky.

More recently I have changed my tactics by submitting queries to Comodo Staff... and only know what I know about certain things based upon what they tell me. Unfortunately, they generally do not provide intricate details regarding CIS mechanics - just general explanations - much like the User's Manual.
 
D

Deleted member 2913

You mentioned it "Knowledgeable replies are virtually nonexistent. Once in a while I get lucky."
 
vivid

vivid

Level 5
Verified
Dec 8, 2014
206
hjlbx said:
More recently I have changed my tactics by submitting queries to Comodo Staff... and only know what I know about certain things based upon what they tell me. Unfortunately, they generally do not provide intricate details regarding CIS mechanics - just general explanations - much like the User's Manual.
Click to expand...
That's bad. Geek buddies cannot provide you with such information from my experience. Just ask a moderator and you will eventually get the answer.
It's your choice in the end.
 
Rolo

Rolo

Level 18
Verified
Jun 14, 2015
857
vivid said:
Geek buddies cannot provide you with such information from my experience.
Click to expand...
They're the folks who deal with the customers so the engineers don't have to!

1021_wide.jpg
 
  • Like
Reactions: vivid
H

hjlbx

vivid said:
That's bad. Geek buddies cannot provide you with such information from my experience. Just ask a moderator and you will eventually get the answer.
It's your choice in the end.
Click to expand...

Moderators very rarely, if ever, answer questions... in my experience.
 
Status
Not open for further replies.

Similar threads

Fel Grossi
    • Like
    • +Reputation
  • Sticky
New Update Comodo Internet Security 2024 v12.3.1.8104 beta (Oct 2023)
Replies
16
Views
674
Comodo
ErzCrz
ErzCrz
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review COMODO Internet Security 2024 BETA
Replies
57
Views
9,655
Video Reviews - Security and Privacy
Victor M
Victor M
Brownie2019
    • Like
On Sale! AVG Internet Security 1Dev./ 1Yr. / $ 6.40
Replies
1
Views
336
Discounts and Deals
Dave Russo
Dave Russo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top