Comodo: What do they need to do, to improve their product line?

Phishing sites need to be taken into consideration too. Yes I know we can avoid them with common sense, but for the average user this would be beneficial.

 

Constant phishing site protection is just not needed.
Only if you perform financial transactions or online banking of any sort.

I do not do either so phishing protection is of less importance to me.

 

But for the greater crowd of average users it is. Anyway I still think that Comodo would benefit from a web guard.

 

There are better solutions like K9 or OpenDNS...

 

users have been asking for a webguard for years and it hasnt appeared and probably will never happen.
It would be nice to have but things are what they are.

 

I agree. But this thread is about what we think Comodo need to do to improve their product and I think a web guard would be a nice addition.

 

You can pray for SecureDNS drastic improvement...

 

Here are few things I would like to point out:

1. Fix their age old bypasses by stuxnet,flame etc and become much quicker in fixing bypasses by generic pieces of malware and find a way around their ransomware bypasses or let them change their sandbox default settings to restricted.

2.Better AV DB and cut down on the amount of fanboys [kidding,no pun] they have and plus they need to fulfill their promises rather than just keep on ranting about DACS or whatever.

3.Better forums.In the sense,their forum users/mods are very sarcastic sometimes and many a times they speak in a very evading/flaming manner

4.Plus they need to put this in their head which touching sky high of proud that their DDS and whatever they do call "bulletproof" is already under attack by malware writers and if they dont be quick in fixing things their suite wouldnt be what it is now in near future.

 

The nearest thing you will get to a webguard is possibly comodo dragon browser which if run in tandem with CIS does provide some malware and phishing protection to a certain extent and also you can use comodo DNS in the dragon browser only.

 

Oh well, what will be will be

 

Make the instalation more granular (more choice on components)

Develop a webguard

Change around the name of virus signatures (cmon malware@ect.)

Just my two cents

 

Don't get me wrong,I'm neutral when it comes to the necessity of a web guard.

While most browsers can offer anti-phishing protection,there is an argument for including it within CIS.

 

Whatever happened to 'DNSBrian' don't see him around comodo's forum much these days
Maybe he's working on it

 

What can they provide using a web guard that'll be separate from browsers (built-in and extensions) and SecureDNS? Worthless HTTP port 80 scanning that makes detections a bit faster at the far larger expense of your Internet speed?

I'd say the usual AV implementation of "web guards" are a waste of resources. It'd be smarter to develop DNS, extensions, IP blacklists, or even HOSTS.

 

I really like CIS 6.2, but it still flags too many safe files, even with HIPS off. If you don't change software much, you won't notice, but if you have Steam and like to try different games it gets ugly.

 

And what will IP blacklists or HOSTS do? Malicious IPs change quickly, sometimes multiple times in a very short period. HOSTS? Look at how infrequently most 3rd party HOST files are kept updated and tell me how useful they are again.

As for Comodo itself, a lot needs changing, possibly even the CEO. They've had enough of their ugly practices brought to light and ignored their users and positive criticism enough times that I'd hardly call them a worthy addition to any security. CIS in the right hands can be pretty damn decent protection. But until the business side gets cleaned up a bit, I stay away.

 

4. Make the Sandbox/Kiosk an optional component to the suite, also give the user base the choice to run it as a standalone product.

this please.

 

Still better than that pointlessly redundant web guard. They're just alternatives to DNS/extensions that can work, even if clumsily.

 

They should:

- remove the sandbox and come back to be a classical, strong HIPS.
- add exploid protection

 

But people would complain it's too complicated then.....

 

Web guards aren't completely pointless, they scan for malicious items/links and block them regardless of IP addresses. Just going by what was hosted at an IP address yesterday is truly pointless, because today it may be clean again. Blacklists have their place, but they are far from effective.

 

And for most people, they'd be right. There is a reason HIPS has never become "hot" to the general public, they're unusable without severely crippling the protection, which requires understanding precisely what you're doing before you ever touch the settings, and they mostly just get in the way of every day tasks.

 

Hey, don't touch the sandbox even if it's not so cool as the Sandboxie. Where then I put my browsers?

I ain't so knowledgeable but isn't HIPS in Safe mode is enough? Anyways you can use EMET.

 

Won't those things be blocked by the real-time guard if they just download anyways? I may agree with the scanning of phishing webpages that aren't usually covered, but only in smart implementations like BitDefender TrafficLight. You say blacklists as if AV signatures aren't just another form of them, am I wrong?

 

- CIS Sandbox has always new bugs and bypass, better to use Sandboxie, or another different software to sandbox the browsers.

- I trust Defense+ in Paranoid mode, but not a bad idea to enhance and strengthen it.