just being curious here.. the general thoughts on cis 4.1..

Yeah, have had a couple of budget notebooks with ALPS touchpads. It's off topic but when purchasing a new notebook this is one of the things I check every time - it should not have an ALPS touchpad. Their performance is way too bad when compared to Synaptics or the lesser known Elantech. Unavailability of up-to-date drivers from official channels also is an issue. Synaptics for me.

 

agreed 100% except i had these laying around to be able to test on..

 

Ive never seen ALPS in any of my HP/Compaqs. They have all used Synaptics from the low DV6xxx series all the way up to their DV9xxx Business series.

 

i recently worked on 2 compaq's that were both bought from staples on the same day and they were the EXACT SAME MODEL... i was cleaning out al the garbage they come with for the customer. one had alps and one had synaptics.... MOST of the time synaptics drivers work with alps hardware and visa versa but in this case for example this was not the case. i HAD to install alps on their one system. as i said they were brand new sealed boxes the customer never even opened them i was the one to actually break the seal on the boxes.. but comodo flagged a ashampoo music program, puran defrag among many others if nothing else ashampoo should be well known enough to be on the whitelist

 

I dont see the issue. Did you have automatically trust certain vendors allowed? Did you have trust programs that are digitally signed checked?

 

not an issue for me as i said but people like the wife will have no idea what to allow and not... thats the issue i could run this without issue but i can def not put this on the wife's system

 

Anyone saw this video?Opinions?Seems like a naughty malware that exploit...damn,i never thought i could see Comodo disabled so easily....

-http://www.youtube.com/watch?v=4AYeIDI4CB4&feature=player_embedded-

 

lol wow thats crazy...

 

WOW i hope they do fix the issue soon because it uninstalled by the AV. looks like the sandbox needs more work as the whole suite. i like the suite just waiting a few more updates .

 

I like the suite too..for now,i'm thinking to disable the Sandbox..Wise idea?

 

hmm i dont really know, if that good or bad. id say bad i mean the sandbox does work but the suite still has a few flaws.

 

now the mods EricJH and Langy99 are asking what he used to make his software that bypassed CIS what was used when it was digitally signed.

that is the only way not to get a popup from CIS, if the software is digitally signed you get no popup.

i bet thats the issue there maybe.

topic at comodo forums

http://forums.comodo.com/news-announcements-feedback-cis/another-mrg-video-t58497.225.html


EDIT: Chris from the video says its not digital signed. who knows lol

 

It's a chaos in there ....everyone is trying to make his point....who is right?We will see....but 'till then...I think i'm staying with CIS complete.Now,if it really is a major flawless and Chris is right,i hope Comodo will solve it as quickly as they can...

 

yeah im running the standard version again just playing with it really.

 

I really hope, that this is not related with the same exploit, that was known from (July?) 2007, when comodo antivirus was in beta 2.x.

It had similar characteristics, since could bypass and uninstall comodo antivirus 2.x beta.

At the time, Mike Nash had warned me and asked me to pass the info to Melih and Egemen, which I did. (since I was a comodo mod back then).

Panagiotis

 

I can't say for sure, but some browsing issues I had recently seemed to go away when I uninstalled CIS. Like I said, I can't say for sure and I don't want to give CIS a black eye, but it is strange they were resolved when I uninstalled it.

I also quickly became a non-fan of the sandbox. I would start certain apps and CIS would prompt me that it was being run in the sandbox and I would check the "Don't run this program in the sandbox again" checkbox every time and every time it would run it in the sandbox again.

 

Very annoyingly, there is (or was a couple of weeks ago when I last tried) an anomoly in CIS 4.1 Premium which means you can't add vendors you personally vouch for to the list of trustred vendors.

From memory there are 2 options.
1. Add a vendor where there is a digital signature.
2. Add a vendor of a running process.
If you try option 2, it tells you that there is no digital signature and will not add the vendor to the list.

 

they say they will solve it by adding a pop up asking if you want to uninstall comodo now. not sure if that will actually end up working (im sure someone could find a way around it) but should make it harder for this to run since i looks like this is a script to simply call windows to uninstall comodo and imo because comodo trusts windows itself it doesnt get flagged..

 

ROLFMAO
You mean that comodo users are not worried by the fact that the sandbox does not work and they are worried about the uninstall flaw?

Panagiotis

 

not one bit it seems lol... they all keep saying well he didnt install it right or why did he add it to sandbox first or etc etc etc... they all have a answer. imo this is a huge flaw.. and all seem to be just fine with that answer. languy is suggesting a pop up with a box to type the code given for uninstall.. but who knows when they will implement this and until then.....quoting axel rose here "get in the ring" or so it seems over there

 

LoL
... By the way I just watched the video again. And it does seem to be the old exploit of mid 2007 that targeted CAV 2.x beta (comodo's first AV+hips).

Panagiotis

 

Wow the drama is incredible!

Assuming the test was conducted well, it seems that Comodo is indeed failing and this appears to be a serious flaw. To prove its point even further, MRG is trying to find a Wilders Admin to conduct the test for them.

MRG is blackmailing Comodo.LOL. Unless Comodo accepts that its software is not perfect, MRG will continue to publish exploits to show that it can bypass Comodo.

 

Don't be ridiculous, this has nothing to do with Comodo, all that script did was executing uninstaller and bypassing any answers that occurs in the process.
Any security software can be 'bypassed' that way, except the ones that have image verification routine when you try to exit / uninstall app.
And possibly software using something similar to UAC prompts (like Avast have for example)

 

Oh I see, but what can we conclude then? Is it a critical vulnerability or not?
Unfortunately MRG has published results only for Comodo, so I don't know how other security software will behave.

 

Yep, well, the mess was created because MRG has personal thingy against Comodo.
They said few weeks ago that they wouldn't test Comodo again , and here we are, they release video ...

edit : wow, I feel bad now not using your Quote in reply, but you changed completely your answer , whatever ...