3.8 Trusted Software Vendors

How do I remove certain companies, such as Google (international spies), Paltalk, Skype, and Apple from my “Trusted Software Vendors” list without having to check the option to “not trust any executable signed by a Trusted Software Vendor”? (thus defeating the whole purpose of a Trusted Software Vendor list.) If it is not possible to remove these “TRUSTED” (ha. ha. Google? Apple? TRUSTED? They sell every bit of information they can to the highest bidder, and for free if they’re subpoenaed!) Software Publishers, I regret to say I will threaten to uninstall your product at once and search for a new Firewall and Behavioral Monitor Solution until a new version is rolled out correcting these very questionable changes.

No where in my right mind would I allow a piece of Google or Apple software to run on my computer any more than I would run warez that are know to be trojaned. They are major attack vectors, let alone the fact that these pieces of software are legalized spyware. Please don’t try to make the decision of which software vendors the User will trust for him. What’s next? digitally signed botnet clients? collusion with Google (already?)? the world’s governments?

I was always under the impression Comodo was one of the only actual Software security products in a market full of ridiculous claims and security theatre. I’m quickly being shown I was wrong.

Thank you for your time,
dead_ring0r

Long live the Free Internet.

You can remove any vendors (including COMODO) from the list. (I have found you must do it one at a time for it to remove it).

COMODO is trying to make CIS more usable to novices and inexperienced users and adding major vendors help those users answer alerts and kind of “dumb it down”. At the same time, CIS will also be remain suitable for the power users (like it is now) who want to know everything that is running on their PC and tweak settings to their desire. For example, if you don’t want to trust those vendors, remove every one of them. They’re making CIS usable for everyone out there. :slight_smile:

Actually…“Comodo CA limited” and “Comdo CP, Inc.” cannot be removed. Try it: select the Comodo trusted vendors and click the “remove” button…nothing happens!

But you are right about the fact that any other vendor can be removed.

The dude has got a good point. I have suggested that Comodo create a configuration wizard during the install process. I think a simple way to address ringOr’s concern is to add a “trusted vendor” option to the configuration wizard during install. In other words, one step in the installation process would include a list of the default “trusted vendors” that have been defined by Comodo. The user would select which of the default vendors he/she wants to install. This process will make it crystal clear which vendors are being trusted and will configure CIS adequately from the moment CIS is first started.

Elements that should be covered in the install wizard:

  • Ports configuration (e.g. stealth all ports)
  • Firewall Configuration (security level and alerts settings)
  • Defense + Configuration (security level, monitor settings, image execution)
  • Antivirus Configuration (realtime on/off, heirustics level, scheduled scans)
  • Trusted vendors list (approval of default vendors)
  • Update (auto update on/off)
  • Threatcast (on/off)
  • Language

Edit: a more comprehensive listing for the “settings wizard during install” has been compiled in the usablity forum (only forum members with a special forum membership have access to this link).

The wizard suggestion, Whoop, is an excellent idea. It would also resolve many of the questions currently being asked.
:-TU

Removing them one at a time worked.

Isn’t this an obvious bug if it allows you to ‘remove’ more than one at once without actually removing ANY? It should either only allow you to remove one at once, or to ACTUALLY remove them all.

I think the Installation Wizard is a good idea, and more likely to actually be implemented than my own: to fork CIS into ‘Pro’ and ‘Lite’/‘Home User’ versions.

Edit: I also would like any easy way to automatically allow the library loading (at least the windows libs) while keeping all other monitoring in place.

Yeah, I’ve mentioned in several threads about the “trusted vendors” list that I should be the only person deciding who I trust… My trust is not a community effort. Just because I trust an application does not mean that I trust everything that vendor releases!

I don’t agree at all with the concept of adding all of these “trusted” companies in a list that a large percentage of users will never actually realize are there.

The wizard idea sounds nice. At the very least it will attract peoples attention to the list instead of just trusting something for them by default.

I personally don’t believe it’s harmful to keep the Microsoft and the Component Publishers, along with Comodo, in the Trusted list. By installing Windows, you have implicitly trusted Microsoft with all of the data that it processes. By installing CIS, you have implicitly trusted Comodo with all the information that it processes. If you don’t trust Microsoft, use Free and Open Source Software. If you don’t trust Comodo, use a different firewall and behavior monitor.

Having these removed from the Trusted list opens up a can of worms of compatibility and usability issues as well.

I believe the trusted lists should be separated, into SYSTEM and USER… SYSTEM being responsible for trusting Microsoft and Comodo components, and USER for everything else. The SYSTEM list should be immutable, and there should be a ‘Component control’ to disallow certain libraries loading (even Microsoft ones, if the user so chooses). This should not be the case with the CIS exes and libs for obvious reasons.

There will be a great many support issues if paranoid people are allowed to stop trusting the OS and CIS itself.

I’ve seen a good Security product go this way before: a few years ago, Zone Alarm was bought out by (or at least started sharing a back-end with) Kaspersky Internet Security (v7.0 and up [possibly one of the flakiest, most poorly implemented pieces of software ever written - it makes the dev responsible for COM look like a genius in code]) and it went to ■■■■. A once great firewall was crippled by a poor implementation and growing bloat/making User’s decisions for them. Learn from Zone Alarm’s mistake!

EDIT: (and probably for a different forum) I have notices since I have upgraded to 3.8 if I attempt to modify the ring3 code splices of Comodo (of which there are now many more), it no longer completes successfully with a near-instant re-hooking, but instead generates a BSoD. This is an indication of an exploitable condition IMO. I can post a Kernel dump if needed.

I get far fewer popups because of the Trusted vendors list. Why would anyone wish to remove vendors from this list that are known safe?
It is only a tool to further the safety and capabilities of CIS (and reduce unnecessary popups)

Because you should decide who you trust - so for example - I think it’s very dangerous to have browser vendors in this list, since the web browser is often used to infect a system. Think about it! If Internet Explorer is a trusted application (it’s signed by Microsoft Corporation), then any action which is performed by any plugin or activex component is executed by a trusted application!
It’s not that I don’t trust Microsoft - but critical applications should be restricted as much as possible, instead of being executed as a trusted application!

You feel good about giving any vendors a blanket “safe” rating??

I prefer to take each vendors products on a case by case basis. I really don’t see the sense in saying, I like this product, everything else they produce now and forever has to be golden!

And having the ‘community’ weigh in on what vendors are safe is also problematic. Lets say you trust your neighbor enough to give them a key to your house. Should I in turn take your word for it and give them my key as well? I don’t even know them, how could I possible make a ‘trust’ decision based on hearsay?

I don’t use chat clients. I don’t use Skype. I don’t use P2P. Never have and never will. Skype and a company that makes chat products was ‘trusted’ for me by default with 3.8. If I never plan on using any of these products, why on earth should I ‘trust’ them?

Skype software has a government backdoor in it.

Google software is it’s own backdoor, used by google for data mining for their own targeted “behavioral” advertisement programs.

Apple software is also spy software (albeit to a lesser degree than google’s, only system configuration and movies watched or songs played) and has been issued very many critical security bulletins over it’s lifetime, often related to the browser plugins.

The WIZARD should scan your hard drive upon install for all signed files and give you a choice which vendors to trust.

A simple sniff with wireshark will show you that what I say is in fact truth (except for Skype, which is required by law to be backdoored in accordance with FISA, but sends encrypted packets as part of its normal operation, thus making any possible ‘phoning home’ impossible to detect.) Google software and Apple software has no need to upload to the internet at all… Read the EULAs, people!