I have just tried a new idiot proof set up for the last few weeks. My wife is using an old laptop with XP SP3. I have installed Comodo Security on it with Antivirus disabled( not even installed), FW allow in and outbound with windows firewall enabled and also a hardware firewall in my router, Auto-sandbox is enabled along with viruscope and cloud.( I could not however resist to add MBAE free with it although I guess it is not needed). This is an almost zero pop up security set up with really strong security. So far it is working good without any significant system impact. However I must mention that my wife is a very very safe surfer. I am really curious how this set up will work with a high risk dummy user. This set up is supposed to sandbox any malware without any pop up alerts and should keep the system clean. I will love to try this set up for a high risk surfer.
I bet they'll complain about their newly downloaded software not working properly (malicious or not). Or if they have the access, disable it altogether (that's why you have them as limited user and password-protect Comodo). Biggest problem is keeping the setup up-to-date if and when they want new stuff on their computer. Doing so safely will require you to keep tabs on them if they can't/won't learn.
Depends on how often they actually update stuff that isn't signed. I'm running avast! in Hardened Mode (Aggressive) on sister's laptop and she never really asked me about it. The stuff she usually installs is already whitelisted or signed so it's fine. I think same should work for Comodo as well. Comodo has a bit of an advantage since stuff can run in sandbox just fine, but then again their whitelisting process is way slower than avast!'s.
In my experience comodo white list is very good. The advantage over Avast should be less overhead as files will be intercepted only during execution, no read and write scanning like an AV.
She can't answer any pop up alerts. So I practically disabled it. Windows FW and router's FW is still there.
Not sure what are those serious bugs. On XP it has been trouble free unless you put it in paranoid mode( I don't use paranoid mode). Recently tried on window 8, 8.1 and now on Windows 10 and no major issues. However on Windows 10, I removed sandboxie and MBAE due to slowness and probably some compatibility issues. On one of XP systems I got some random freezes that forced me to go back to version 4 but it did not bother me, rather I am enjoying version 4 on XP. It is very light and no hiccups at all even along with geswall. I even use paranoid mode here for some testing. Some people complain about uninstall issues but I don't deal with it as I restore a clean image very often via ax64 or macrium reflect.
Beauty of comodo is that you can configure it to get as many alerts s you want. From frequent pop ups to no pop up alerts at all. And all this wothout losing/ compromising any protection. It is one of the best free security apps around. I wil hate to see it dying.
I did have major slow down problems with commodo some time ago to the point it would freeze the system. I find PFW, OA and outpost to be less likely to freeeze the system on my xp setup.
I give it a year or two before the decision to make it die will be done. Firewalls and HIPS like this will be gone by 2020. Market does not want them.
You can thank the AV Labs for this. They have migrated to the stance that every PC user is a nob. So any security product that alerts and keeps any decision making in the user's hands is penalized on protection scoring.
Yes, but you specifically stated "high risk surfer". Who knows what they'll download, both false positives (legit freeware) and false negatives (signed malware) are possible.
Devs do not make it for free, a few years ago, Comodo was promoted on the homepage, now it is somewhat hidden. It is just a side project, a toy.
Comodo makes money with digital certificates. This has been known for ages. Security software they make is kind of a trust connection for people to trust them more. Probably that's the reason why they push whitelisting through digital signatures so much.