The following is an extract from another thread.
It seems like this thread is more appropriate for my Q although it may not sound as sophisticated as other issues in here.
...I deliberately wrote “find IF
an app. belongs …” to Comodo's trusted list not that I wanna see whole list. The list can be huge – like 1milloin + 69 entries and reading it would bore me to tears.
’s answer made me panic.
1) If WE can see the list, so can malware, and it could inset itself into the list. The list of approved apps is hidden as a security measure and will not be revealed.
Well, I found this argument a bit weak.
Displaying whole list must not mean
that such serious application would keep DB of certified apps. in some kind of, say, text file or any other unencrypted form making it easy for malware to “inset itself into”. I personally never met any drunk programmer who can consider such insecure implementation. The sober programmer may not code this way too.
So mainly showing the whole list should not be a problem at all. The ability to perform Search by name and give True/False result would just help.
What is a real problem as I see it is how Comodo performs a check in its own hidden list of trusted apps
In my evil experiment I wrote a small app. It communicates with port xxxxx. I compiled it and saved as EvilApp.exe. Actually you can use any app. you have/download etc.
I renamed it as uTorrent.exe (certified one but you can use any other Comodo approved you know) and ran it. No question asked
. If you want to see Comodo’s question about “false utorrent” and xxxxx port you know what to do with that checkbox.
It looks like hidden secret list “WE
cannot see” contains just filenames(?!)
. You see, I intentionally did not name & compile the app. as utorrent leaving internal name different because I was testing Prevx for the same reason. Guess what? The orange
Prevx’s window comes up and notifies me about EvilApp(!)
That’s better isn’t it?
So basically do I need to “inset” (physically) anything into the list or just show the false ID and bypass?.. Cause, I am in , and talking to outside world, and my app. doesn’t have interface. Forgot how they call those nasties…?
I hope anybody (better all of you) can prove me wrong.