Suggestions to make cfp less noisy:
--During "Install" mode, don't ask me if I want to switch back to normal mode-- detect when the installer is done, and switch back automatically. If desired, add a "Switch back automatically" checkbox to the "Install Mode" alert.
--include a database of trusted apps, including internet explorer, firefox, etc. I have found standard apps raise alerts, which they shouldn't.
---include a database of common, trusted actions, such as browsing the web from inside various windows apps, such as windows explorer, or whatever. I have gotten alerts when launching a url from windows exploer-- that should be allowed by default.
--create leveled protection: eg, "minimal, cautious, paranoid" currently, they do not appear to be ordered in increasing severity, but hard to tell.
--it's unclear what the different Defense modes mean. Provide tooltip explanations in the system tray menu.
--dont give alerts on virus signature updates, comodo updates, windows update, etc. Or, give alert only once.
--comodo should not ask me every time windows update or windows defender and my antivirus program or comodo, for that matter, download and install updates. that's different than a user-initiated download of a random file over internet explorer.
--it would be nice if there was a way for comodo to see a difference between a safe spawned process and an unsafe one.
--I clicked "import windows contacts" in window mail, a previously trusted app. now Defense+ is asking me, "wabmig.exe is a safe executable. however, the parent, winmail.exe could not be recognized." -- makes no sense, winmail.exe is a trusted app. it may be that the
relationship is not trusted, but that's not what the alert says.
--option to "allow all processes started by this process in the future" when a specific alert is received.
--option to "allow all process started by trusted processes" as a global option.
These options would be turned off by default, for the "Cautious" defense level, and turned ON by default for the "Less Paranoid" defense level.
--option to "trust all processes signed by such-and-such company, or with same such and such Copyright as this exe", for example "Microsoft"
--today i got "mfpmp is a new executable and could not be recognized. It's parent wmplayer.exe was allowed to be executed previously."
but mfpmp is Copyright Microsoft corporation, and it's parent is trusted. Obviously, I've run wmplayer, Windows Media Player, thousands of times.
I would like the option to say, "Trust any exe launched by a trusted exe, if it's the same publisher", or some other property that help identify as probably safe.
Or, more specifically, "Trust any exe launched by
this exe, if it's the same publisher."
more paranoid users could disable these options.
-today i got the following comodo alert:
"winmail is trying to open winmail". i got this when i clicked an email address
inside winmail. need i say more?
--i get so many countless alerts about
safe apps, i assume everything's safe. getting a comodo alert should be like, "wow, this is serious. this is a threat. this is very likely to be a virus, malware, or spyware." comodo should be invisible as possible, otherwise.
--sometimes, i wonder if the plethora of comodo alerts is intended as a kind of advertising. "Hi, we're here, protecting away!" i don't think your users want advertising.
--you should do what Chai says here, but share the list of trusted exe's between all users, worldwide. The more users trust it, the safer it is. Set a cutoff, like "if 100 or more users trust this exe, add it to our global database.
--i believe this combination of features could help make comodo the best product in its category.
--no offense to anyone, but i don't agree with the "bandwidth management" plugin, if i understand correctly. that has nothing to do with security.
thanks
Author