Comodo Internet Security

Regarding how things are getting integrated, EG: BOClean & Memory Firewall and "bloat". Melih explains it the best...

"We already have finalised the Cure product. It will start integration into CIS soon.

One of the biggest problems in development is having many development teams contributing towards a single source. You have to follow a good discipline and introduce things in a planned manner. Otherwise it will be chaos.

Our next release for CIS is a big one already as it is, we can't afford to add any more features into it. It will delay things. So next release after this current one will see the cure aspect being integrated.

We will provide the best and most usable security you can get your hands on! That is our promise and the whole Comodo team working together to achieve that.

Melih"

Not to mention... Not only the Heuristics but the new signature format for the AV will improve memory consumption, FP's, and also cleaning. The Heuristics by the way is similar to Avira and Kaspersky and Comodo tested there heuristics against a few other heuristics and it detected over 99% of what they detected (combined). https://forums.comodo.com/feedbackc...evelopment_activities_for_cis-t31974.120.html (#131). Whitelisting, Yes it's a huge whitelist... But no one really wants a D+ Alert for IE, do they? unless of course a malware tries to use IE. At the same time if the Comodo AV Detects 40% of malware (Remembering AV's can only detect %age of malware out there), D+ will prevent the rest along with the neat whitelisting, blacklisting & Threatfire which is a community based approach to help build whitelisting further!

The CIS code is already fast and effective in terms of protection and memory usage, etc. And Comodo follows that while continuing to improve everything. CIS in some cases already uses less RAM then CFP 3.0.

You can expect all this in maybe a few days! Looking forward to alot of beta testers... hehe

Cheers,
Josh

 

Performance wise- Excellent.
On my main computer I'm running Comodo FW D+ with Avira premium though with all the changes upcoming I may put the whole CIS on to try.

My laptop runs CIS now with no problems.
Running it with SpywareBlaster and WinPatrol Plus.

 

I'll be there for the beta. These changes just might make me a user.

 

Sorry. ThreatFire I mean ThreatCast.

Cheers,
Josh

 

I tried it a few weeks back without the av but nevertheless it still downloaded the bases

 

Defense+ and a massive whitelist is all we really need for maximum, yet simplistic protection.

Signature based anti-malware is sort of of waste of time anymore, no?

 

Let's look at Comodo Internet Security Architecture.
a) If the Antivirus in CIS detects a malware, Defense+ will NOT Alert you (No point).
b) AV's can only detect %age of malware out there.
c) So this means if 40% of malware is "detected" by CIS AV, Defense+ will only alert for the rest. Next version introduces whitelisting to help improve alerts.

So in this case, signature based detection does prove useful - Because it levels out usability for both "detection" and "prevention", "Cure" (If anything else fails) is being worked on for CIS. CIS is a rare FREE suite to have a layered security architecture with Prevention as first line of Defense and NOT detection. Detection comes second.

Bottom Line: Layered Security is the only way forward, And CIS is it with improvements to come as you will see in the next CIS version, which will eventually be usable for everyone!

Defense+: Prevention and is first!
Antivirus: Detection and is second.
Cure: Being worked on.

Off course - This is only my opinion Matt.

Cheers,
Josh

 

Josh,

If you don't mind, what exactly is Threatcast?

Thanks.

 

YEs this is my question too

 

I'll certainly be giving my impression of the upgraded AV both here and in the Comodo forums.

There are some very interesting proposed developments over the next few months,not least the much less noisy HIPS.

 

Thought you'd inadvertantly broken another corporate takeover there for a minute.

 

Josh can explain it much better than me,but it's a community-based aid to D+ decision making,similar to the A-squared Anti-Malware component.So,for example,92% allow firefox.exe you can factor it into your decision making.

 

Ah, thanks, i was suspecting so... Like forecast ---> threatcast.

Practically what Drive Sentry does to help you make a choice.

 

I think at one time Melih at Comodo wanted something like this so all security softwares can share. Sort of like a master whitelist and blacklist of good and bad programs/files. If you had the power of all security comapanies pooling their knowledge together, it can be quite an accomplishment. Each company can offer whatever they want for a free version/paid version. Some can include complete suites(Comodo) or some just the expanded whitelist/blacklist (DS and Threatfire). Each company can development their own heuristic logic etc. etc.

Ice

 

The idea is interesting. And it would benefit the users. Response times would be drammatically reduced. But i think it won't happen, because the major AV companies will feel they will give away an advantage they have. White/blacklist databases, depend directly on the amount of users you have. So, for example , such a Norton database, will grow much quicker than say, Twister's database. So, Norton in time will have a much better database and response time. So why share anything with the competition, when you can use it to KILL the competition?

Because such a huge database, with drastically reduced response times, would also put in second importance the heuristics.

 

The internet would be a safer place but like you mentioned, its a business and why share.

Ice

 

I have to first say I never cared for comodo to much in the past but CIS has changed my feelings.First the install went as smooth as silk.secondly I find its light as a feather while browsing the net.I really Had no intensions of running its AV or any other AV for that matter but since its there I opt in for the whole package.I have to admitt this is one sweet package all for free.I Feel I do not need any of it to stay safe but all the same I couldn't resist I can not help my self a software junkie I am.I need Software head doctor.


Know some questions, I noticed that Defense+ monitor settings there is a few unticked boxes such as, computer monitor, Disk, and Keyboard. I am aware what there intended purpose is but was this defaulted for reduced lower alerts? where not these checked in past version by default.Also would it not weaken its defenses left unchecked?.

The Firewall settings I choose stealth all ports was the right choice for me.Is there any other settings that should be changed other then its default.

I already aware of the Antivirus Detection and do not care about that so no need to get in to that.thanks

 

Yep. At the end, the AV industry is a business for profit... I actually had made the hypothesis long time ago, in this forum, that Comodo was using the firewall to collect a large database of programs through the "auto submission" feature. Now i believe it even more after i read about Threatcast. Curiously also, in the last build, when i import settings, all settings are correct, except one : the automatic file submission. I ALWAYS disable it , but when i import the settings, it's the only setting that remains "incorrect" , meaning , it is enabled.

If more and more AV vendors go into the "community database" thing, the quality and magnitude of the database will become the main weapon , that will separate top tier from 2nd tier AVs. Also the quantity counts. Because for example, smaller av companies, with smaller userbase, may have in their database the same .exe as a lager database. But, if say Norton has 100 users for a rare exe, saying it's "good" in 90%, while Twister has say 4 users, saying it's "good" in 75% (3 out of 4), the chances that the users of Norton are wrong are much slimmer than those of Twister. So, in the long run, Norton's database, will become more "trustworthy" , as well as big. So Norton will "kill" the smaller fish.

If this tendency of online databases spreads, i think freeware providers or small vendors may earn some profit by "selling" their database data to bigger vendors. Otherwise it will be tough to survive.

 

This might help.
http://forums.comodo.com/guides_cis-b130.0/

 

Switching to "Proactive Security" via right clicking CIS system tray and choosing "Configuration" will enable full power of Defense+ and checks Disk, Keyboard, etc automatically. Reason is AV Architecture monitors these, and when the heuristics is out in the next version it will be stronger to take care of these areas, for usability but not sacrificing security.

If you want to prevent 99% of malware - Proactive Security is the way to go.

Cheers,
Josh

 

You guys pretty much answered the ThreatCast question for your selves.

ThreatCast collects info on what users click for Alerts, This helps build white list, blacklist and many other things. I believe ThreatCast was in BETA back in March v3.0.22 around that area, And they just left it for CIS... But it should be improved now.

I believe ThreatCast, Whitelisting, Blacklisting, Defense+ & AV + Heuristics in this next version soon will be another major milestone for both security and usability, and free...

Cheers,
Josh

 

I am really excited about the next version. My two fears and that it will grow in footprint, and that at some point it will turn into a paid program. Sounds like a lot of money is being spent to develop CIS. I guess I will enjoy it while it lasts and hope for the best. Hopefully if they start charging, they will start with businesses.

 

Comodo makes $$ other ways without getting rid of features in there software like paid and free software too from the same company.

Melih doesn't believe in paying for security, so doubt it will happen... hehe.

Cheers,
Josh

 

Ok I selected proactive and I see know how it changed the defense + settings through the GUI.I did not even know about the right click on the tray, wow pretty neat.thank you

 

Hey thanks for the nice tutorial of comodo.I should have searched my self but I am a bit lazy and tired tonight.thank again for making it effortless.