Comodo Cloud antivirus

[Guest]

[lordraiden]

Maybe comodo can start to develop the same idea than Panda, with his panda cloud antivirus


https://forums.comodo.com/anti_virusmalware_productsother_security_products/panda_free_cloud_antivirus-t38541.0.html;msg296778

[J2897]

Malware Detection/Removal is not the Future of Computer Security. Prevention is the Future.

With a well designed 'White List' Technology, there will no longer be a use for 'Black List' Technologies like 'Antivirus'. At least, not until the age of Quantum Computing, or until someone manages to turn many PC's on the Internet into a giant 'Botnet Super Computer' and uses it to break the Encryption of many Digital Certificates, of which the 'White List' Technology may depend on.

Welcome to the World of...

Default Deny™ 

[ More ]

[axl]

Malware Detection/Removal is not the Future of Computer Security. Prevention is the Future.

With a well designed 'White List' Technology, there will no longer be a use for 'Black List' Technologies like 'Antivirus'. At least, not until the age of Quantum Computing, or until someone manages to turn many PC's on the Internet into a giant 'Botnet Super Computer' and uses it to break the Encryption of many Digital Certificates, of which the 'White List' Technology may depend on.

Welcome to the World of...

Default Deny™ 

[ More ]

The underlying logic of your recommendation is surprisingly poor, as it presents Whitelisting as some form of panacea.

From the "[more]" link here, your analogy with the Night Club Bouncer (Door Man) was quite colorful, although disappointingly misleading.

At New Year's Eve celebrations in a metropolitan center such as New York City's Times Square, which technology will security be forced to use: behavorial analysis or whitelisting?
Which entity, aside from Microsoft or a consortium of security companies, currently has the power to deliver an effective whitelist?

It is a combination of technologies which will be most effective, not your misguided faith in the universal suitability of whitelisting.

[J2897]

At New Year's Eve celebrations in a metropolitan center such as New York City's Times Square, which technology will security be forced to use: behavorial analysis or whitelisting?

None. I'm Safe if they are outdoors.

This is the 'White List' I was referring to: [ My Trusted Software Vendors ]

CIS can be configured to Allow only 'Trusted Software Vendors'. This could be how your CIS operates in the Future. Everything else would be Denied.

I think the Technology already exists to protect End Users from all Malware. I think that the problems is, not everyone knows about it (or how to use it) yet.

[axl]

This is the 'White List' I was referring to: [ My Trusted Software Vendors ]

CIS can be configured to Allow only 'Trusted Software Vendors'. This could be how your CIS operates in the Future. Everything else would be Denied.

I think the Technology already exists to protect End Users from all Malware. I think that the problems is, not everyone knows about it (or how to use it) yet.

Haha, I almost fell out of my chair!
It has been 2 years since release of CIS HIPS and Comodo still cannot populate a list of softwares from the top 100 software vendors, so I am supposed to rely on a default-allow list of vendor names?

My Trusted Software Vendors has been a great joke since its inception, lol.

[J2897]

A 'White List' is only 'Default Allow' when the Program is Listed. Otherwise the Program is 'Default Denied'.

... so I am supposed to rely on a default-allow list of vendor names?

Nope. Their 'Digital Signatures'.

[Chiron494]

While default deny is theoretically the best approach (nothing bad can run on the system) it requires the user to make any decisions not already covered in the whitelist on their own. Most users do not know enough to be able to correctly judge whether to allow or block. A good AV program should be able to make many of these decisions internally. A good HIPS, massive whitelist, and well constructed AV is the best combination of Prevention and Detection. This is what the end user wants, and deserves, from a security program. I believe that soon CIS will be able to adequately fill this void.

[aweir14150]

Wow, that's a great idea. Let's send (possible) viruses back through the internet. I suppose it would have to be through a VPN. I can't see how it would be ethical unless it were all encrypted.

Will it be called Comodo Cumulonimbus Antivirus or Comodo Nimbostratus Antivirus?

[muthusrinivasan]

A signature for new products to whitelists ? Then the product developer have to contact the AV Company to get the signature.

[J2897]

Most users do not know enough to be able to correctly judge whether to allow or block.

This is what we need to change.

[lordraiden]

Anybody knows the official position of comodo regarding the cloud antivirus?

[theantagonizer]

A signature for new products to whitelists ? Then the product developer have to contact the AV Company to get the signature.

The signatures are validated by Trusted Certificate Authorities such as Verisign and Microsoft. Microsoft does not have to ask Comodo to sign their products, it is using/expanding upon a system that is already in place.


As far as AV this has been an ongoing battle between malware writers and AV software writers for a long time. If you rely on AV blacklists you "Default Allow" anything that is not already known or does not behave in a manner in which you think a malicious piece of software would. I can not count how many NortonAV or McAfee "protected" machines that I have to remove infections from, even in this day and age. If you design AV to detect certain behaviors malware designers will find a way to get it to do what they want without setting off red flags, they are after all getting paid to do it.

Comodo has done a lot of work in making their IS system quiet. I find that I rarely get questions in my normal day to day usage. Windows Vista was a hard push in that direction though which I think has made a lot of people tired of deciding to allow or deny. Its up to the user in the end. Do they want silence from  security software and risk the possibility of encountering a new form of malware that is not yet detected or behave in a manner that would alert the AV? CloudAV is more of the same. It may ensure malware is identified by the security community earlier but it can not protect you as well as common sense, a little IT knowledge and default deny.

[Tags:]