Author Topic: Comodo: Realtime Protection Hero thanks to Unique Default Deny Platform!  (Read 22371 times)

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6682
  • Personal Dragons can be defeated. Improve yourself
Jon79, you are begging for a ban.
Keep it up, please.  It will be more than a short post ban, I assure you.
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline Mineria

  • Comodo Member
  • **
  • Posts: 32
CIS scored high in matousec firewall tests, but they didn't use CIS default configuration (internet security), but proactive security. And nobody said comodo was cheating because you can manually adjust the settings to get that protection level, as well as you can manually enable Bitdefender and Avira engines on Qihoo 360 (I personally don't feel the need to do that, most of 0-day threats can be caught by the QVM engine, which performs behavior and heuristic analysis)
You seem to mix av signatures and default deny platform up, they are not the same thing.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25840

CIS scored high in matousec firewall tests, but they didn't use CIS default configuration (internet security), but proactive security. And nobody said comodo was cheating because you can manually adjust the settings to get that protection level, as well as you can manually enable Bitdefender and Avira engines on Qihoo 360 (I personally don't feel the need to do that, most of 0-day threats can be caught by the QVM engine, which performs behavior and heuristic analysis)
That is because it is tested in the Proactive Security Challenge 64:
Quote
The tested products are installed on a virtual machine running Windows 7 Service Pack 1 with Internet Explorer 9 set as the default browser and with UAC turned off. The products are configured to their highest usable security settings and tested with this configuration only.
Comodo wasn't cheating. Because the Matousec Proactive Challenge x64 tests with the products configured to their highest usable security settings it cannot be compared to the AV-C test which tests with default settings.

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
That is because it is tested in the Proactive Security Challenge 64: Comodo wasn't cheating. Because the Matousec Proactive Challenge x64 tests with the products configured to their highest usable security settings it cannot be compared to the AV-C test which tests with default settings.

That's true, even if CIS settings were in a way tuned to pass that kind of test:
Quote
Further notes
All tests were executed outside the Comodo Internet Security's sandbox.
Comodo Internet Security failed Inject1 because it did not protect against the technique of this test. The protection was effective only against the specific implementation of this test. This was proved using a slightly modified version of Inject1.

Anyway, I'm not going to write again about this topic, I'd like to keep being an active user of this forum :)

Offline costi1977

  • Comodo Family Member
  • ***
  • Posts: 98
guys, if you're talking about Qihoo, has anyone heard about backdoor issue of this av?

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
guys, if you're talking about Qihoo, has anyone heard about backdoor issue of this av?

I don't know if it's what you mean, I read in other forums of people afraid that a Chinese AV can be a backdoor for remote control in case the Chinese Government wanna make a cyber war...
I don't wanna be disrespectful to anyone, but the Big Brother doesn't belong to China...

There are mixed reviews about Qihoo 360:
Bad review: http://www.pcmag.com/article2/0,2817,2422024,00.asp
Good review: http://www.techsupportalert.com/best-free-anti-virus-software.htm

I personally like it, especially because it's very lightweight (if used as cloud AV only) and because it comes with some useful cleaning tools.

Sometimes I check here for new malware https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2016-no-live-malware-t114158.540.html.
If you look at Virustotal you'll see that Qihoo 360 catches almost every 0-day malware due to their heuristic engine QVMII.

Qihoo 360 + CFW is a great combo :)
« Last Edit: July 27, 2016, 09:54:04 AM by Jon79 »

Offline Turkoman

  • Newbie
  • *
  • Posts: 18
Thanks for a great family Comodo! All lies, real Comodo. :) And free  :) ;)

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6682
  • Personal Dragons can be defeated. Improve yourself
Here's a thought for you:
If Cloud AV only requires a lookup for every file you encounter, doesn't that simply chew up bandwidth, potentially more in the long run than downloading a signature database and checking locally?  Also, wouldn't a downloaded local database run faster than looking in the cloud for the answer?
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
Here's a thought for you:
If Cloud AV only requires a lookup for every file you encounter, doesn't that simply chew up bandwidth, potentially more in the long run than downloading a signature database and checking locally?  Also, wouldn't a downloaded local database run faster than looking in the cloud for the answer?

If you think about bandwidth, yes. If you think about CPU usage, no.

This guy makes quite an interesting comparison of security software (sorry, it's in Italian):
http://www.programmifree.com/confronti/velocita-antivirus-2016.htm
Look at CIS vs. Qihoo 360  :o
I asked him to make another test with CFW only (so, without the resident AV) and he confirmed that everything was much faster.
Then I uninstalled CAV from my PC (keeping CFW only) and I also found out that there is a noticeable difference in speed

I think the trick is to tune the cloud AV to reduce the issues and keep the advantages.
For example, CFW comes with a cloud lookup feature that works really well, you never notice a slowdown.
And according to PCmag http://www.pcmag.com/article2/0,2817,2475138,00.asp CFW scores as good as CAV in malware detection:
Quote
Comodo Firewall detected fully 83 percent of my current collection. That's the same detection rate achieved by Comodo Antivirus against these same samples

So, why shall I use CAV if the detection rate is the same as CFW's, but CAV has a noticeable impact on performance?

Offline Dennis2

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 9594
Whilst you always remember what happens on your computer will never be the same as someone else :)

As an example I never had problems uninstalling any of the versions of CIS or the alpha version we did have at one time.

Dennis
Moderator: Aims Forum a friendly place. Any concerns? Please PM me and/or review the Forum Policy 2012Updated.
System: Centos 7.5 x64, APF, HTTPS Everywhere, ABP, NoScript
 Fedora 28 x64, APF, HTTPS Everywhere, ABP

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
Whilst you always remember what happens on your computer will never be the same as someone else :)

As an example I never had problems uninstalling any of the versions of CIS or the alpha version we did have at one time.

Dennis

That's true, that's the problem of Information Technology, it's difficult to have objective results :)
If you test a car's speed, the result is objective.
If you test a PC's speed, the result is "yes, but..."  ;D

Offline ZorKas

  • Comodo's Hero
  • *****
  • Posts: 1157
That's true, that's the problem of Information Technology, it's difficult to have objective results :)
If you test a car's speed, the result is objective.
If you test a PC's speed, the result is "yes, but..."  ;D
Hi,
The empty car or load of 200 kg ?
Same PC ?

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
Hi,
The empty car or load of 200 kg ?
Same PC ?

Usually a car is tested with the driver only, if some tests are made in fully loaded conditions (for example, to check the brakes), it's clearly written.
About PC, some tests are made on a PC with a freshly installed OS and only the security SW installed, some other tests are made on a PC with other SW installed.
Anyway, I think the point was that tests on different PCs with the same (theoretical) configuration can lead to different results.
So, basically, you have to try by yourself and find the configuration that best suits your needs :)
« Last Edit: July 28, 2016, 07:51:42 AM by Jon79 »

Offline patrice58

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 833
Re: Comodo: Realtime Protection Hero thanks to Unique Default Deny Platform!
« Reply #43 on: September 08, 2016, 02:10:39 AM »
Here's a thought for you:
If Cloud AV only requires a lookup for every file you encounter, doesn't that simply chew up bandwidth, potentially more in the long run than downloading a signature database and checking locally?  Also, wouldn't a downloaded local database run faster than looking in the cloud for the answer?

I can counter that by saying if I have (which I do) unlimited downloads then it does not matter plus by using a cloud lookup or scanning engine I can get the most up to date analysis of the file. Yes it would be quicker to have a local database sure but a local database can be a few hours/days old and if so it's a false sense of security.

 
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1103
Re: Comodo: Realtime Protection Hero !
« Reply #44 on: September 28, 2016, 05:33:04 AM »
Comodo's protection never went below 99% whereas qihoo 360 did....:)

Now Comodo's protection has gone below 99% ;)
https://www.av-test.org/en/antivirus/home-windows/windows-7/august-2016/comodo-internet-security-premium-8.4-163121/

EDIT: 98,7% means 2 samples missed over the total of 162. It would be interesting to ask them to provide these 2 samples to check why Comodo missed them
« Last Edit: September 28, 2016, 05:45:36 AM by Jon79 »

 
