Leak Test Results

[Guest]

[metalforlife]

Why are user being advised to SWITCH to a different mode or change the "protection" settings to pass the test. We are not running the tests to see if CIS passes it or if CIS is capable of intercepting different methods of attack. It is about make sure that the end users are protected. Why do users have to switch to "proactive mode" only when running the tests? Does it mean that COMODO doesn't recommend "complete" protection at all other times?

You can get a full score even in "Clean PC" mode. This way you are protected against all types of attack methods with minimal intervention.

Very hypocritical of COMODO. 

[John Buchanan]

There are some tests carried out by CLT that needs additional switches turned on.  Proactive does this by default, which is why it is recommended.  Of course, you can manually turn on all options yourself in whatever mode you prefer. and still pass 340/340.

[metalforlife]

That is not the point. The point is that the users are being told to switch to proactive mode only when running the leaktests. Are some of the leaktests CIS fails in other modes not important?

Should the protection be at the highest level at all times? You either tell users that some of the methods used by the leaktest are not important to pass, or you have to let them know that they have to sacrifice security for usability.

Why not give the user directions to configure CIS in Clean PC- or Safe-Mode so that it passes all the leaktests without losing usability? You could make the "guide" a sticky.

[John Buchanan]

Default configurations are set to minimize popups for new users. The default settings may change later as new features are added and popups reduced further.

[metalforlife]

Default configurations are set to minimize popups for new users. The default settings may change later as new features are added and popups reduced further.

Then why do you need the leaktest?

[John Buchanan]

It proves that your security software will protect you.  Would you trust any software if you could not test it out?

[Vettetech]

Please can someone confirm that I doing this correctly?

I only have the firewall installed.

Network Defense is in Safe Mode

In the summary window it says Proactive Defense and is also in Safe Mode.

In My Configuration under 'Select' it is set to Comodo Proactive Security.

I downloaded the leak test and before running it I cleared the D+ logs. I then double clicked on the exe and allowed access for explorer.exe.

After this I got a window for every single thing and I just clicked on 'block' to each request. This resulted in 340/340.

Is this how its supposed to be run please or am I doing something wrong?

Thanks,

Gazza.

You answered your own question. You got a perfect score so obviously you did it correctly.

[metalforlife]

There is a difference between "can" and "does". D+ CAN protect you in "proactive mode" but it DOES NOT protect in the default configuration. It is like saying you have the world's best security protected, but you have it disabled. It is just as good as not having any security at all.  

[John Buchanan]

Even the settings right out of the box gives you far greater protection than what comes with Windows.  Not everyone desires to set up maximum protection, some don't wish the extra popups associated with this maximum setting.  Some don't care either way.
There is a balancing act in play here, and those that wish maximum protection and know how to deal with the extra popups can select it accordingly.  Until popups can be virtually eliminated without sacrificing this security level, a lower setting will be default.  Most users are happy with this arrangement, as they don't desire extra popups.
Changes in how this is managed are coming, which will include greater protection and fewer popups with the default settings.  But this won't happen if ease-of-use will compromise security in any way.
Be patient, my friend.  It will happen.

[John Buchanan]

I am going to point you to the remainder of this thread.

[Vettetech]

I agree with John. EVERY SINGLE SECURITY program out there comes with default settings. Default settings are best for newbies and people who do not want to deal with alerts. CIS at default will protect you. But if you want more protection then you can turn things up. Avira is the same way. NIS 2009 will only score a 40/340 at default. When you trun things up you still only get a 80/340. KIS 2009 at default will score a 150/340. KIS at max settings will score 310/340. Now if CIS default install was Max settings then there will be tons of posts in here about 100's of pop ups. Do you see the POINT.

[metalforlife]

Even the settings right out of the box gives you far greater protection than what comes with Windows.  Not everyone desires to set up maximum protection, some don't wish the extra popups associated with this maximum setting.  Some don't care either way.
There is a balancing act in play here, and those that wish maximum protection and know how to deal with the extra popups can select it accordingly.  Until popups can be virtually eliminated without sacrificing this security level, a lower setting will be default.  Most users are happy with this arrangement, as they don't desire extra popups.
Changes in how this is managed are coming, which will include greater protection and fewer popups with the default settings.  But this won't happen if ease-of-use will compromise security in any way.
Be patient, my friend.  It will happen.

Well, every security software gives you better protection than what you get with windows. I never heard anyone advertise a SECURITY application as "This is a world-class product, among the top. But only a bit worser than Windows'".

I agree with your other views. But still think that advising users to manually setup CIS in clean PC mode would be a better suggestion. You get the same protection, minus the pop-ups. And you won't be seeing complaints regarding the pop-ups and frustrated getting fed-up and alienating CIS altogether.

[metalforlife]

I agree with John. EVERY SINGLE SECURITY program out there comes with default settings. Default settings are best for newbies and people who do not want to deal with alerts. CIS at default will protect you. But if you want more protection then you can turn things up. Avira is the same way. NIS 2009 will only score a 40/340 at default. When you trun things up you still only get a 80/340. KIS 2009 at default will score a 150/340. KIS at max settings will score 310/340. Now if CIS default install was Max settings then there will be tons of posts in here about 100's of pop ups. Do you see the POINT.

Agreed. But there shouldn't be such a vast difference between the default setup and the manually configured - super-tight setup. There is a huge difference between 90/340 - in default mode and 340/340 in proactive mode. Comodo has promised a significant improvement in usability for the coming versions. I will wait for that. But, until then, the right balanced has to be found.

[John Buchanan]

Safe mode will stop the Pending Files list from growing.  Yes, you can use Clean mode also.

[metalforlife]

I have mine in Clean PC mode and I don't have a single pending file. Only when Avira updates do a find the update files being added to "My Pending Files". But, anyone will know for certain that those files are Avira's, so not a problem. At least, you won't have the pop-ups for the pending files, which won't affect the level of protection. It would be much easier to review those files whenever you want, and if considered malicious, be discarded. You'll get alerts for every new file coming into the PC. I don't think Clean PC Mode is weaker than "proactive configuration".

[Tags:]