Comodo Memory Guardian Beta v1

Discussion in 'other anti-malware software' started by Coolio10, Aug 15, 2007.

Thread Status:
Not open for further replies.
  1. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I personally look at this:-

    If (simple example) an AV vendor was to produce, and then release a new Viri, then say "we can stop this". Would this not be a problem? or at least a need for concern?
     
  2. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi, folks:

    It could be a very long while before general PC users could even pass the DEP 101. For them, including me, those are post-graduate materials. Trying to comprehend and grip them, but just always a step too far. :D Take care.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    I agree with you.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    At least some sanity/ comprehension.
    Thank you.
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Hello Stem,

    I don't exactly understand what you mean. Are you referring to the Buffer Overflow Testing Application or CMG? And is it dangerous because crackers can reverse engineer it to exploit undefended machines?

    I'll likely never go against you, and i'm not doing it now. I'm simply trying to understand.
    On the side, this is MS responsibility in the first place, but they're more interested in luring you for Vista than protecting you. Put undocumented features on top, unsafe architecture, and overall grip on the market (vertically, horizontally, software and hardware), and i can tell you i'm out.
     
    Last edited: Nov 3, 2007
  6. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Huh? The test function is a joke.
     
  7. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    So none of you agree with leaktests then?

    I am happy every time I see a security company release a test example and say "We protect against this", because it forces other security companies to get on top of things.

    How many leaktests do you guys think Outpost/ZoneAlarm/COMODO would pass if firewallleaktester.com / matousec.com never existed?

    I know for a fact that trojans have been using some of these leaks for a long time now since I used to know someone who sold undetected trojan servers for 300$ each.
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Unknown/ not well known exploit will usually remain that way. Should a "security" vendor give code to do such?

    Do as you will, I have no problem with that. I am coming to a point of leaving security forums anyway. Everyone knows "better", so I feel I waste my time.

    I know a number of possible bypass/exploits against firewalls/security apps. This takes me to:-

    Well, rather than wasting my time e-mailing the vendors with my findings of bypass/incursion, then having no reply, no update by the vendor to protect, I will sell these instead.

    If you worry so much about compromise, unplug your internet and be happier.

    At one time, the PC was there for the user, to enjoy, have some fun. It now appears to be there to install security applications.
     
  9. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    originally posted by STEM:
    Hi, Stem. I echo your observation. A good friend of mine would laugh at me each time I introduce him to an excellent security program, he would not move at my suggestion. Because he is using a disposable PC, namely an ordinary box with stripped down (minimal) security setups PLUS a virtualization app (he uses DeepFreeze standard). He simply reboots it every 30 minutes or so, no hassles, and meantime enjoying the surf, not worrying about exploits, worms, those cyber wastes (his words), and save a bundle of moooney (again, his words). His experiences just make me wonder often.
     
    Last edited by a moderator: Nov 12, 2007
  10. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Of course i don't agree with anyone providing code to break security measures (i thought this was not the case here, that was my question), but i do agree with alerting for specific flaws, after reporting directly to the developers.
    Also, in this case isn't it widely known, perhaps exploited already?

    About the forums, i get tired too. Comes and goes.
    My own personal opinion is that Windows should have this for a long time.
    Speaking for myself, i enjoy trying these, although less and less over time. When i answer SSM to allow IE7 for "global hooks", i realize there's so much i can do in XP. I mean, the browser is up the OS's ass, who am i kidding?
     
    Last edited: Nov 3, 2007
  11. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    I found that funny when you mentioned selling the exploits :D

    Seriously though my computer passes all leaktests and other known exploits without much compromise at all. The only thing I had to do was install CMG / COMODO v.3 Beta with "Clean PC Mode" and allow a few simple prompts for new software I install.

    There are many security software out there that are even harder to configure and provide less security. Even some antivirus software and the like must be either installed, run or setup and even then they slow the computer down more than COMODO and provide less protection. On top of all that most of them will still make the user answer a prompt about a virus being blocked.

    I think I will keep my computer on/plugged-in and enjoy its full potential while knowing it is secure as possible all at the same time :D

    For users to be able to enjoy their computers and have them secure at the same time it is a must for security vendors to know of as many exploits / leaks as possible. How can they seamlessly protect something they do not know about?

    Also, why use a security product from a vendor that does not respond / keep their software up-to-date? These should be blacklisted in my opinion.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    @ LUSHER,

    We all know that you're a security expert and know a lot more than most of us on this forum, so can you perhaps explain why you said that the test is rubbish? Of course you won't need to go into details. Also, it seems that you're a bit skeptical about buffer overflow protection, so it's not really needed according to you?
     
    Last edited: Nov 3, 2007
  13. Pulsar55

    Pulsar55 Registered Member

    Joined:
    Jun 22, 2007
    Posts:
    8
    Location:
    KY
    I've been coming to Wilders for several years now, and have learned a ton! But I remember a post by Mrkvonic about 8 months ago in which he posted that we could relax and have fun on the net, and not be so paranoid about this, that, and the other (with common sense and an alternate browser). I think I'll subscribe to that mode of thinking, and have begun to whittle away at all of the security programs that I think I need! I haven't gotten there yet!! :D
    Allen
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    What do you people think about this product: BufferShield.

    It has a free version too but I was not able to find any differences between free and paid version.

    No free version.
     
    Last edited: Nov 3, 2007
  15. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Response here
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    I saw that they recommend to disable DEP before installing BS.
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    So if I made web site that showed the exploits I know, along with the code to do this, you would find that "funny"?

    You really think all exploits are known?
    That actually shows you don't.

    So, for example, if "firewall A" put forward code to bypass, then said, buy our firewall because only we can protect. Would you then purchase said firewall, or would you complain of the possible compromise to others, who, may not want to change firewalls, or simply, they are not aware of such. Yes, Comodo give away the firewall/software for free,... but as they admit, they do this due to the fact that it brings in more sales from other ventures.

    I can still make certain bypass/dos against Comodo firewall, this was reported, still no update to protect. How long should a vendor be given? Should I give a "time period" then put forward such exploit openly after that? Would such not be seen as possible blackmail?
     
  18. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    As you are a Wilders Moderator I assumed you were joking.
    I only commented on leaktests/known exploits.
    I am sure the final of COMODO will pass the exploit.

    Like it or not publicly releasing exploits and ways to stop them help security grow.

    Edit: Which DOS attack can COMODO v.3 not stop?
     
    Last edited: Nov 6, 2007
  19. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    1. This firewall is free. "Free" means "no obligations".
    2. Yes, I assume, you need to give some time to CPF guys to allow them to fix the bug. Then disclosure. It is a standard procedure.
     
  20. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Been using it for a couple months I think... Too many holes in DEP that have already been exploited. I see systems where I can't really figure the actual penetration method as it leaves no trace, leading me to believe it's related to a fault in DEP...

    CMD has triggered only twice on our test system (during heavy efforts to get infected) so I know it works I just don't know for sure if it is effective against all types of such attacks. Perhaps good enough against most and probably better than anything available currently in any products I know of...

    By the way you can run both DEP enabled and have CMD running together. You will see DEP kicking in mostly but once in a while its CMD that works demonstrating that you would be infected if DEP only was running...

    Thanks to Comodo for another neat little Pre Emptive solution that works!
     
  21. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I am not a "Wilders Moderator"

    For me, it depends on how it is done. If for example, I have an exploit, then release this, this then gives rise to possible problems for most users. How I see this, is like most security concerned users. I send/inform security vendors of such. Should a security vendor not do the same?,.. did they?

    I will let you know after its final release,..
     
  22. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Free for the user to use or not. or free for the vendor to release code for bypass?
    I do send to Vendor what I find, but have never released my findings, even when no update is made. Some may presume (unless I post code/findings) that my findings are incorrect. I care not of this. I only concern of user protection, nothing else, certainly not a vendor.

    Did Comodo release the code for the last "overflow" problem to all vendors before releasing the code to all?
     
  23. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Hi Stem, I see you are not a Wilders Moderator, sorry about the misunderstanding. Either way I think you got my point on that note.

    I messaged Egemen and he is saying everything you brought to him is taken care of and if not he would like to know what is still not covered.

    Back on topic: The tests in Comodo Memory Guardian are not really a threat and seem to be very basic tests.
     
  24. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Sorry? I meant that if you don't have to pay money for software, it means that the vendor has no obligations to you with new releases and patches.

    You see, full disclosure procedure is made to improve end-users protection of the security tools. Some vendors are not very fast with security improvements, they are more about interface ones.
     
  25. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I understand these problems with some vendors,.. they do prefer to make their products "look" better than perform/protect better. But, my main concern, and from my post you omitted:-

    I asked this, as it would give indication of the vendor.

    Example: I do not know you personally, but I know your product. If you were to suddenly put forward a "compromise", giving code, and the fact that your product protects from such,... would you have first informed other security vendors of this "compromise", or what?

    Regards,
     