Top Anti-virus like Avast, McAfee, Norton, Avira, Kaspersky and Bitdefender fail miserably in basic security tests. http://www.techworm.net/2015/08/top...ira-kaspersky-bitdefender-security-tests.html
The tester ran the SSTS64 utilities as Trusted !!!! So Comodo allowed the utilities to run without monitoring and alerts !!!! The whole Comodo test was not performed correctly... which goes to show that the tester did not understand precisely how file ratings affect Comodo Internet Security behavior !!!
If I ever use Comodo again the first thing i'm going to do is remove all trusted digital certificates. There's a ridiculous number of them on Comodo's list. The chances of one of them being used by malware, or a government entity are fairly good.
This fits well with my thread before, that all the top anti-virus software fail in detecting government spy malware. https://www.wilderssecurity.com/threads/best-software-for-detecting-government-spy-malware.378956 In that thread you will find Comodo was one of the only software succeeding. Spyshelter is perfect for scrambling keystrokes where the malware slips through. You will find all the government malware rely on some kind of keylogger.
I don't think so...it's just a kind of software that is not based on signatures and test shows us the obvious true...even the best signatures and a lot of technolgies in AV/IS are sometimes just useless. It's matter of Comodo not tester...is it not true?
Tester needs to rate files as Unrecognized in order for test to be accurate; Comodo technicians updated Cloud and rated the utilities as Unrecognized. Tester made mistake... The Tester is ultimately responsible for making sure that the utilities were properly rated... same as any other AV test lab. His test is not accurate; it is misleading because he did not change the utility rating...
So you mean as the utilities are harmless testing sample...it was treated as safe/whitelisted by Comodo, right? Now Comodo has changed the rating to unrecognized, right? So IMO Comodo didn't failed the test... Some security software vendor blacklist harmless testing utilities & some dont... And this case Comodo didn't blacklisted the harmless utilities. As now the utilities are rated unrecognized by Comodo... now would be correct to test CIS modules protection/effectiveness IMO.
If the tester used defaults it will indeed impact a number of products. E.g. ZA at install will have its HIPS module on learning mode and will not block a thing unless recognised as malware. This has been discussed before in here...you can indeed blame the software developer to choose install settings that are not safe... but also you should take this result with a bit of caution as they do not reflect the real capacity of the product tested.
Its not about default CIS settings. Its simple...the utilities are harmless test samples & not actual malware. If a harmless sample is not blacklisted by security software vendor then nothing wrong with it...but if you test that harmless sample against that product then you have to test it correctly. If the sample was real malware & missed/whitelisted then you can question the product effectiveness, etc...
The default settings have nothing to do with it... Comodo Internet Security only protects the system against Unrecognized and Malicious files; it a file is rated as Trusted it will be allowed to run without restriction. The SSTS64 files were incorrectly run as Trusted - which generated erroneous results ! So in the case of the test, the tester did not change the file rating from Trusted to Unrecognized; when executed as a Trusted file - CIS allowed it run - and it returned a "Fail" result. Had the tester properly changed the file ratings to Unrecognized, then CIS would have autosandboxed the utilities... That is how CIS works. The tester must not have known this fact...
@yesnoo - you are absolutely correct ! Sanya got the Comodo techs to black-list all the SSTS64 utilities... (I would think permanently added to the non-malicious black-list\PUA).
I suggest Comodo automatically classify any unrecognized file as not trusted in the future to avoid this. I think Comodo should have done this to begin with. Did Comodo fail to do this, or did the tester change the file rating from unrecognized to trusted? I think I am remembering the Comodo options correctly. Comodo is not part of my layered security.
Until recently, the SSTS64 utilities from Matousec\Stanford U have been rated as Trusted by Comodo Cloud for years. Evidently the tester did not know that such utilities must be rated as Unrecognized for the test results to be valid. In other words, the tester did not disable Comodo Cloud Lookup (FLS) and then change the file ratings from Trusted to Unrecognized in the local CIS File List. Regardless of whether Comodo rates the leak test utilities as Trusted or Unrecognized, it is up to any tester to verify file ratings of leak tests and the likes before running them. If they do not do this important verification then it shows a lack of understanding of how Comodo and leak testing works. Operator Error...