Comodo for non tech-savvy user?

IMHO the real problem with the out of the box settings of CIS are the completely deceptive prompts.

They come up with a question like - a program wants to create a new file, allow/block.
If you block this behavior, then everything at D+ is blocked.
But if you allow this behavior, then everything for this program is allowed. Hooks, autoruns, whatever.

I have never seen a HIPS with such deceptive prompts, no hint that you allow everything for a program if you allow a specific prompt.
It's obvious that the security of the users was victimized for their low popup propaganda bluff.

But every HIPS with such deceptive prompts would only create one prompt per program.

Cheers

 

It's not a security risk one click allow and one click block. It actually improves security and also the usability.

Cheers,
Josh

 

All of those checks(DNS/RPC Client, Window Messages, Image Execution Control) are disabled because of the fact that all viruses attempt to make themselves permanent first and hence will be caught. So COMODO Internet Security policy is a balanced policy with acceptable security and acceptable user experience. It is there to complement the AV. If you look at keylogger, and think of it not caught by AV: All keyloggers try to install them selves permanently first, and hence will be caught by CIS. Think if a keylogger is by chance executed and your typing bank information on a website and keylogger is trying to send the information back, The Firewall will catch it anyway. I explained 2 times before, Permanent damage is prevented and all the check points are kept to prevent this.

You mention Proactive, Well... Proactive Security policy on the other hand can REPLACE any AV for an experienced user.

Tell me with your experience what practical effects have you seen as a result of this configuration compared to the current default one? What system stability issues or security malfunction have you observed against CIS? (Malware related). I would appreciate a sample.

So again, Can you please send me the malware that bought CIS down and bypassed default configurations?

Cheers,
Josh

 

Off course. What Comodo is trying to do is to make a prevention first security product aimed at novices, with hopefully ZERO pop ups, or pop ups when only bad things happened. That's for v4.

Huge progress has been made since CFP 3.0. So far, everything is good. CIS really does have acceptable user experience and acceptable security, both always improve.

Cheers,
Josh

 

Hi Josh,

well what you state above, is the exact opposite of what Melih had stated in a thread in the mods section, when I had specifically asked for such a feature to be added.
What has changed since then and why does it improve security? (and please do not say the Av is added because most users already used antimalwares in their setups)

thanks,
Panagiotis

 

The pop-ups have been reduced so we have less Happy yes clickers than before. That's an improvement . + Defense+ has been made stronger...

eXPerience

 

I asked about the security not usability. (I had requested it for this reason and for digital signed applications only, for helping such users; Melih had refused to implement it because it would have made CFP 3 less secure).

So I ask again: why now is secure enough to implement it? (D+ is not stronger, than it was in version 3.0.x; is not weaker but not stronger either).

thanks,
Panagiotis

 

Your reply is like a CIS prompt - deceptive.
The problem is not per se one click allow and one click block.
The problem is - users are not aware that if they click allow this is a one click allow for everything.
How should they know? Nothing at the prompts indicates this behavior.
So as long as there is no hint at the prompts related to this behavior, CIS leads users straight to disaster.

Cheers