The damage of fanboys advises

Discussion in 'other anti-malware software' started by Kees1958, Jan 31, 2009.

Thread Status:
Not open for further replies.
  1. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Devious yes, very dangerous, not so sure. Most who have worked with SandboxIE have seen error messages when a program could not be installed in the sandbox, but I don't recall ever seeing anything asking me to shut down SandboxIE/Returnil, so that message alone would red flag the malware and result in me showing it the door.
     
  2. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Yes I get your point there.I suppose the only real issue is that although personally I'll always run any unverified application sandboxed,be it a program or a whatever.If it refused to run sandboxed then I'd give it the firing squad immediately,however others might be tempted to try it out of the sandbox,I'd be interested to know the methodology of this type of malware.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, we can't do anything about others' temptations :) I do see where it would be a serious problem for those just coming to SandboxIE and not having seen any of its standard error messages. This is where it becomes not just advisable, but essential to not only read the help me file and FAQ, but read through the forums. If there has ever been any problem with SandboxIE, you can be sure it's been brought up someplace in the forum.
     
  4. O.Alexander

    O.Alexander Guest

    Thanks Kees,
    I almost used SandboxIE even though I don't know how to configure it/ use it.
    I guess I'll stick with Defensewall. :D
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    :thumb:
     
  6. 3xist

    3xist Guest

    Some one tell me why a person would be better of with Online Armor then Comodo with these Alerts from the Downadup/ Conficker worm?

    D+ Said this malware is malware and displays a RED Alert! OA has no idea. These examples are taken from Downadup/ Conficker worm and CFP Defence Plus Thread where I was posting there also, you guys can go ahead and read my posts there.

    So my question again from that thread it to this thread... Why users would ignore this big red alert…while with the same token block OA’s non descript alert about memory injection? It's just a simple example as to why D+ Alert would be easier then OA. It's a fact, NOT a Fan boy Advise. In the same scenario, If a user allows something in OA or D+, Either product, it's legitimate - Just because Comodo might have more pop ups does NOT mean for the other 50% of users, As you say Kees, Are better of with OA. What if a malware runs that your AV does NOT detect and OA has to deal with it? will it say it's malware like D+ would? Why would people advise users OA with this Alert on a undetected malware, OA has no idea, But Comodo does??

    As I said, the examples are blow with a malware. Some one goes to a new wilders person "Hey... Use OA rather then Comodo you are much better of with OA!!" This user runs this conflicter unknown malware and finds OA has no idea, then tries Comodo and says, Great! Comodo said it was malware and I blocked it!!! :) Good job D+! :) Once again, This is not fanboy advise - This is facts.

    Watch this space for CIS v3.8... Usability is coming!!

    So below... OA pop up or Comodo?

    Cheers,
    Josh
     

    Attached Files:

    • OA.gif
      OA.gif
      File size:
      23.9 KB
      Views:
      376
    • cfp2.jpg
      cfp2.jpg
      File size:
      55.3 KB
      Views:
      374
    Last edited by a moderator: Feb 2, 2009
  7. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    504
    They are not same type of applications .
    If you don't see any situation in which sandboxie can be useful for you,and i don't mean only protection against malware than you probably don't need it.
    Btw i am a sandboxie fanboy
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I wonder, as this thread grows, whose responsibility is it to gain correct information?

    Should the program offer a help file that give detailed instructions, and be the answer.

    Should the user be responsible for learning about the product and it's actions, or not use the product.

    Should a forum poster, trying to pass either valid data or opinions be responsible for the success or failure of the OP?

    I suppose the way I look at things, fanboys or experts, what is the difference? If the user is too lazy to learn/read/try, and wants a quick fix from a forum post from 'anonymous internet person', I think the user is taking matters into thier own hands.

    Many knowledgable peeps LOVE to share. I love it. Many knowledgable peeps LOVE to learn. I love that too. That is what makes forums so interesting.

    But the core problem here, as Kees eludes to with the traffic training, resided with the user. I have many computers that I fix/maintain. Having had a salesman sell them a tool, forum posters tell them the Uber product to use, other friends/colleagues tell them what to do, and other people giving even more advice, they still usually end with problems.

    Then there are those who just don't want to learn and click what they want and pretend because thier new Dell has all this stuff on it things are OK.

    The people who I support are primarily not wishing to learn much. I sincerely, and I do mean SINCERELY, struggle to come up with solutions that are not too complicated yet still offer a decent package. Security or whatever. All the same.

    If the user just does not have the desire to learn, what can be done? I can teach some, but very very few really learn. Think about it yourself. Here at Wilders, you are surrounded by mostly like minded people. People who really dig this. Now think about your grandma, your uncle, your nephew, your brother, your wife and your friends. How many of them want to come here everyday and post and share and learn? For me, only 1 would. The rest, not thier cup of tea.

    Sandboxie is a great app for those who just don't want to learn. It offers pretty darn good protection at the expense of really not having to understand much about it. That is what I would call affordable. Comodo, no way. It costs too much for them. LUA, that is sort-of affordable, depending on thier level.

    The point is, talking about who does or does not give out information that is good or bad, right or wrong really is a mute point. YES, it would be nice if correct information was given. But ultimately, it is up to the user to really understand. And face it, that just does not happen the way it should.

    This thread is bickering over a topic that has no solution other than what Kees said with the traffic. Peeps must learn what they are protecting, how it is protected, and how to maintain that protection.

    And let us not forget, that even if you say program ABC is the best security solution out there, with proof positive facts behind it, I might find that program ABC is such a pain to work with that I would rather risk it and use program XYZ, because I enjoy using it. And since I want to enjoy my time on my computer, that is what I will do. How do you handle that situation? Even knowledgable peeps do that, imagine what the uninformed and confused do? They may try program ABC and program XYZ, but they may end up using the really flawed program QRS, for a myriad of reasons.

    This is a dead-end road. Knowledge is power they say, and IMO it is certainly the case with computers.

    Sul.
     
  9. 3xist

    3xist Guest


    Well said!!
     
  10. Spiral123

    Spiral123 Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    130
    Its simple, usability versus security. If people don't understand computer security, usability will win every time. Its a little different in a corporate network where policies can be set more concrete, either with network devices, or group policy etc, home users will do anything to use the computer as they want. I have seen many home type users just disable or uninstall any software interfering with what they wanted to do. Whether is was viewing a porn site, or following a link in an interesting email they received. Basic point is that software that relies on ANY user input is subject to misconfiguration, or elimination in an uncontrolled environment. (i.e. home users) PERIOD.
     
  11. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    You're 100% correct there,the forums are very enlightening still I suppose a lot of folks just aren't inclined to research it to any degree they just want it 'to work' with no user intervention,that's always the programmer's dilemma.
     
  12. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    It's clear from those screenshots which 'warning' is more pertinent to the average user.The actual name given is irrelevant to them,whereas the red header and mention of malware is the more useful guidance,fact.
     
  13. fistico

    fistico Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    17
    Next time, you go to clean a PC,
    have in mind a Magnificent FREE Repair ToolKit
    you can download HERE .
     
  14. Gizzy

    Gizzy Registered Member

    Joined:
    Oct 5, 2007
    Posts:
    149
    Location:
    NJ, USA
    @3xist

    Only problem is that I get that same exact malware warning when I try to open notepad :cautious:
    I still use comodo anyway though.
     
  15. 3xist

    3xist Guest

    Yes. This is what I was trying to point out.

    Does OA provide these kind of useful Alerts? No - They may implement something similiar in the future, who knows!
    Does Comodo provide these useful Alerts? Yes.
    Is OA usable? Yes.
    Is Comodo usable? Getting there... Wait for CIS v3.8 and anyone can use CIS with ThreatCast!

    @Gizzy. Yes Sometimes D+ can give faults, but really, what program doesn't? The bottom line is some one shouldn't be told, Who is new here to guide them to OA then Comodo. Let them make their own decisions and let the "fan boys" around them help them out with facts they may and can provide useful - I agree with people saying "Ohh use OA cause its better" and yes those are the type of people who should NOT advise a new user and is counted irrelevant, But with facts - It's quite simple. This a free forum, And people should do as they wish when choosing products, and not have people read THIS THREAD and follow the advise given, IMO is totally wrong when you are comparing OA to Comodo which is why I am posting here in the first place. No product is perfect. If people want to use OA, So be it. Same with Comodo. People have different needs, But I provided the evidence as to why a user who's AV does not detect a malware, Comodo will give the red Alert and say it's malware, NOT OA - It's only ONE Scenario/Example as to why users have the Advantage of using D+ with CIS or the Firewall/AV Standalone. Off course... Not all unknown malware not known to the AV/Heuristics D+ will say its malware, D+ may not say it's recognized, But this is the point I'm getting at, in the above example D+ in this case, DID give the red warning and did say its malware, OA could NOT make the decision for you, Therefore users will react better to D+. But D+ commonly will say this is malware, give you the red alert, and YOU should block it.

    Just my 2 cents.

    Cheers,
    Josh
     
    Last edited by a moderator: Feb 2, 2009
  16. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Personally think OA's message is more classy but in no way am i saying its better, they are both strong but i just woulnt want to see OA doing Comodo like BD did the NAV look. I prefer to have a choice instead of all of the same.
     
  17. 3xist

    3xist Guest

    Agree.
     
  18. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    3xist, I won't keep this OT but for just a sec, but do you know of any plans to make either Peerguardian or at least Protowall work with CIS 3.8? It would be a blessing if they did, or, possibly even better, allow lists, say, from IBlocklist, to be imported into Comodo and thereby not even having to deal with the IP blocker programs themselves.
     
  19. 3xist

    3xist Guest

    Can you please do a bug report at the Comodo Forums with the Incompatible issue with PG, PW and CIS? and I'll make sure a dev looks at it if they don't respond or if it's not fixed. But bugs do have a priority according to serviette, etc and when they get fixed. I've seen this mentioned before... Can you please PM me if you haven't used the new CIS v3.8 beta yet to follow up this.

    Cheers,
    Josh
     
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    Well Josh,

    I initially agree with you, but decided to have a look around and I must say

    In default config CFP heuristics kick in, so that is a good response (1-0 for Comodo). SADLY in another mode Comodo generates those pop-ups

    Comodo pop-ups https://www.wilderssecurity.com/showpost.php?p=1389993&postcount=55

    where as OA pops-up with OA pop-ups http:https://www.wilderssecurity.com/showpost.php?p=1389860&postcount=48

    This defenitely means a strong 1-1 when you ask me,

    Because I am not using either Comodo FireWall or Online Armor I can not judge myself, although this thread is an interesting read https://www.wilderssecurity.com/showthread.php?t=231545

    Reading this posts, I noticed that you creativeky used information, by only showing 1 one OA's pop-up and using the best Comodo reaction (in one of its modes), then I noticed on the Comodo forum that you are a "Comodo's Hero".

    So Aigle should not use Comodo in the paranoid/advanced mode (or whatever it is called), because Aigle is way to inexperienced to handle the pop-ups :)what: :doubt: :D )

    . . . . or you are a Comodo fan boy ( :blink: :shifty: :p )
     
  21. 3xist

    3xist Guest

    Kees1958,

    1-0 for Comodo? A strong 1-1? This isn't a soccer match. This is Computer Security and how users have the right to make their own decisions and can get help when provided by useful "facts" to help make them use that particular software with ease as soon as they understand. You say you are not using Online Armor or Comodo... So how can you judge these 2 threads, and most importantly, Comodo & OA? Picking a few threads here at wilders, and reading those threads that reflect on Comodo on how bad the pop ups are, Then making an assumption here that OA is better is NOT good advice at all mate. Let people learn, and try things!


    Observation on just threads on Wilders, and not using Comodo then making the assumption here about Comodo is wrong.


    Because you have are not using product, that is more of a shock as to why you compared OA over Comodo in this thread as I stated above. I already posted in one of those threads. And Egemen (Lead CIS Developer) Responded at the Comodo Forums too with a clear explanation. If you use CIS you will understand my posts and Egemen's better. Review Egemen's posts.

    Creatively used information? No. These are facts from my experience with Comodo for the past 3 years, These aren't "creative information" like when a High School kid does an assignment. And as I said, This is only ONE Scenario as to why people have an Advantage with Comodo then OA. You talk about modes, People are only one click away from Proactive Security Mode to activate the power of Defense+. There is another Scenario as to why Comodo is used over OA, If people install the full CIS (AV+Firewall, D+) D+ will not bother Alerting when the AV detects a malware. Also next Tuesday when CIS v3.8 hopefully goes final, There will be HUGE usability, MUCH less pop ups and ThreatCast will still maintaining Max Protection! And so many people will get this advantage using CIS. Either way, With CIS, Your protected.



    You notice I'm a Comodo Hero? I Moderate the entire Comodo Forum with other mods and test software before they are even out for the public/forums, More then a Hero.

    Yes I am, So what? Am I going to give users mis-information like you said in this thread fanboys will? Will I really cause damage when people ask about Comodo? (One if the key words in your subject here).

    People have the absolute RIGHT to chose their own software. "But OMG OA is better because the Alerts are more colourful!!! and this is what THIS PERSON said, etc" That's not good advice for new users. Don't forget there is built in HelpFile, Support forum & Technical Support - Both Vendors, OA or Comodo, do provide.

    People misunderstand that Comodo are against OA, They are not, And Comodo wishes them well. Bottom Line is Kees, Without fully understanding Comodo Firewall/AV/Suite (Which is included all in one) and the facts around them, Then going off and reading a few threads here about Comodo popups, Then make the assumption that new People should be using OA over Comodo is just plain wrong. Anyone should have the right to choice what they want with relevance guidance from the people around them, A thread does NOT need to be started to tell people what people should say to new people who come here.

    I hope you reconsider this thread.

    Cheers,
    Josh
     
    Last edited by a moderator: Feb 3, 2009
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Josh,

    I said I am not using, this does not mean I have never used it, but not at the moment.

    You will find post on how to reduce pop-ups of earlier comodo releases (In some you will find that I am telling I am a former Comodo critic, meaning seeing the value of a free CFP V3.x). I have also beta tested OA and Mike has implemented some suggestions. So I am familiar with both.

    I will not respond on the other "opinion"" statements, because they assume I do know nothing about Comodo & OA (only factual statements).

    Cheers
     
    Last edited: Feb 3, 2009
  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well that "MUCH less pop-ups" is really good news, also the HIPS shutting up when the AV will find a threat

    Cheesr
     
    Last edited: Feb 3, 2009
  24. 3xist

    3xist Guest

    You learn something new every day. So how can you assume new people should choose OA over Comodo when you just learnt something about Comodo then?

    Cheers,
    Josh
     
    Last edited by a moderator: Feb 3, 2009
  25. 3xist

    3xist Guest

    Good for you man. So you are a critic with CFP 3... So your familiar with Comodo past, What about Feb 2009 CIS? Also another question how do you know a new user will not click "ok" on a OA pop up?

    Cheers,
    Josh
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.