Hi MartiusD,
Install and forget is exactly why CIS is on my young child’s system.
Most CIS reviews have negative comments about the number of popups even those that recognize its superior protection.
A lot of reviews are more like opinions than reviews and any review is only as good as the reviewer.
When you consider that most popups are incomprehensible to ordinary users....
Most users are not illiterate.
[url=https://help.comodo.com/topic-72-1-623-7607-Understanding-Security-Alerts.html]Understanding Security Alerts-Comodo Help[/url]
....questionable default protection settings, problems with AV signature updates, problems caused by sandboxing some software, problems with updates to new releases
The above issues have decreased with each version release IMO.
Once again, the uninstall process has improved with each release IMO.
I haven't personally needed to use a clean-up tool since I don't know when.
....tedious procedures to report bugs and false positives, unnecessarily large downloads, and many other issues documented in this forum it is not surprising that many people have given up on CIS and installed something easier to use....
The above is debatable.
My challenge to Comodo is to make future releases of CIS user-friendly by making all features requiring expert knowledge transparent by default. It's OK to allow the geeks to play around with the settings if they want to, but ordinary users should be able to get great protection without understanding anything about how it works.
IMHO, this milestone has near been achieved with version 8.
No software is perfect, bug free or 100% suitable to everyone’s requirements.
If any software creator had the ability to please everyone they would be a true genius, unfortunatly this is also impossible.
Isolated mean sandboxed and unlimited means no sandbox and no hips, to accurately test this, you need to either disable the sandbox or create an ignore rule for the application.
Edit: Accidentally said firewall instead of sandbox, fixed that now, sorry.
First CLT was design to test HIPS, since V4 CIS has been improved, so if you want to get an accurate result you have to disable autosandbox and activate HIPS(and increase the protection up to paranoid from hips settings), but the easy way is to increase the level of autosandbox to restricted/untrusted an you will get 340. I also love the HIPS but since v5 I can get the same amount of protection without HIPS.
With AutoSandbox disabled and HIPS enabled [at]secure I got 210/340, [at]paranoid 230/240.
I definitively messed something…
Where can I find the settings to increase the level of autosandbox to restricted/untrusted?
Another question: I’m on Custom Rules on firewall settings and I initially checked the flag for “Create rules for safe apps”. I flagged it in HIPS options too. But I wanted to revert back my choose and disabled the option from both pages (Firewall and HIPS) and deleted all the previously created rules for safe apps. While it seems to work for HIPS (no more autocreated rules), in Firewall rules I can see the rules list populated with Apps which I select as safe. Is it normal?
Does your child know what to do with a popup like “abc.exe is trying to modofy a protected registry key” or have you changed the default settings to eliminate popups altogether? The CIS I would like to see would give good protection for any non-expert user with minimal or no popups and without changing any default settings.
I agree, but most of the reviews in respected computer magazines and on security related web sites comment on the excessive popups and they can’t all be incompetent.
True, but most users would have no idea whether to allow or block a popup like “abc.exe is trying to access the physical memory directly” and after many such prompts are more likely to ditch CIS for something else than to check the Comodo help for guidance.
The dozens of problems installing v8 already posted in this forum would tend to contradict your opinion!
Yes, there are MANY posts on this forum that are debating these issues.
There are many on this forum who would disagree with you. I happen to be one of them.
Most users will use default settings and with default settings you won’t get pop ups. Also
I agree, but most of the reviews in respected computer magazines and on security related web sites comment on the excessive popups and they can't [u]all[/u] be incompetent.True, but most users would have no idea whether to allow or block a popup like "abc.exe is trying to access the physical memory directly" and after many such prompts are more likely to ditch CIS for something else than to check the Comodo help for guidance.The dozens of problems installing v8 already posted in this forum would tend to contradict your opinion!Yes, there are MANY posts on this forum that are debating these issues.There are many on this forum who would disagree with you. I happen to be one of them.
With default virutalisation CIS is more secure than before. Surely the problem with zip and other archives needs to handled but other than that CIS would benefit more for usability with any improvement in white listing. Which in turn may make others unhappy and start another discussion. ;)
In the end there when it comes to unknown files and a user wants it to run outside the sandbox it comes down to judgment of the end user. In practice a lot can be mitigates when he knows what program you downloaded from what site. Give people reputable download sites where they can get a lot of useful tools for free. It will keep them from being the victim of unfortunate searches with search engines or using p2p networks for cracked versions of paid programs.
Sorry, just realized that if you install CFW it will default to the firewall configuration which has HIPS enabled and sandbox disabled by default (I wonder if this is intended??)
