Ability to detect and warn the user if the program he is installing is also trying to install bundled “adware” or “bloatware”.I have yet to see a full internet security suite that actually blocks the nasty PUPs.Useless toolbars,cleaners,search suggestion programs that inject ads into browsers and redirect traffic,registry mechanics that do more harm than good and other similar programs.Often I troubleshoot computers that are very slow and I have yet to see a single case when rogue programs (a “bloatware” or “adware” which is unfortunately not classified as malware) isn’t the main cause.Often these ad injecting programs redirect the user to malicious websites,put the user’s banking credentials at risk and do other potentially illegal or unethical things.Comodo is different from the rest of AV industry when it comes to being open about the levels of protection that people should expect from their everyday AVs , and I think Comodo should expand its “campaign” even further by fixing the real issue that most of the internet users face now a days.
Today, when you hear someone say “Oh my computer is so slow, it must have 1000 viruses”,in practice that most likely means “My computer has been invaded by adware/bloatware that makes my computer unusable.I can’t use it to do work,to watch Netflix,to write a Word document,to visit websites”.Bloatware/adware is de facto the new “virus”.Cyber criminals can use them for clickjacking and unethical product manufacturers mislead users into buying useless products.This is something that the users should be protected against.You may say it’s not really AV’s job to protect the user against adware/bloatware, but offering this protection would place Comodo one step above others.
Improve the firewall by adding an ability to create flexible rules for specific IP addresses.
Example: Program tries to connect to IP 22.214.171.124 . Detect and warn the user.The user can whitelist/blacklist that particular IP.Then the program tries to connect to 126.96.36.199 .Prompt the user about it and for every unique remote address it tries to connect to.This is obviously not something that an average user would want to see but having this feature(disabled by default) would help many others who might need it.I have tested many consumer grade firewalls and I saw this feature only in one of the products.
If the Pro version had those two above mentioned features, I would pay even more than it costs right now.
Please consider the following improvements...
1) Ability to detect and warn the user if the program he is installing is also trying to install bundled "adware" a.k.a "bloatware".I have yet to see a full internet security suite that actually blocks the nasty PUP
Also when it comes to removing PUP, " AdwCleaner" and " Junkware Removal Tool" take the crown (:s*)
If I understand you correctly on this one then it’s already implemented, just set the Firewall to Custom Ruleset (if you want to also get alerts for trusted programs and not just unknown programs) Disable Do NOT show popup alerts and bump up the alert frequency to a level that suits you.
[b]Set alert Frequency level[/b] - Enabling this option allows you to configure the amount of alerts that Comodo Firewall generates, from the drop-down. It should be noted that this does not affect your security, which is determined by the rules you have configured (for example, in 'Application Rules' and 'Global Rules'). For the majority of users, the default setting of 'Low' is the perfect level - ensuring you are kept informed of connection attempts and suspicious behaviors whilst not overwhelming you with alert messages. ([b]Default=Disabled[/b])
The options available are:
Very High: The firewall shows separate alerts for outgoing and incoming connection requests for both TCP and UDP protocols on specific ports and for specific IP addresses, for an application. This setting provides the highest degree of visibility to inbound and outbound connection attempts but leads to a proliferation of firewall alerts. For example, using a browser to connect to your Internet home-page may generate as many as 5 separate alerts for an outgoing TCP connection alone.
High: The firewall shows separate alerts for outgoing and incoming connection requests for both TCP and UDP protocols on specific ports for an application.
Medium: The firewall shows alerts for outgoing and incoming connection requests for both TCP and UDP protocols for an application.
Low: The firewall shows alerts for outgoing and incoming connection requests for an application. This is the setting recommended by Comodo and is suitable for the majority of users.
Very Low: The firewall shows only one alert for an application.
The Alert Frequency settings refer only to connection attempts by applications or from IP addresses that you have not (yet) decided to trust. For example, you could specify a very high alert frequency level, but not receive any alerts at all if you have chosen to trust the application that is making the connection attempt.
Same firewall configured to ask about every connection will fail if the browser add the default settings (output only, web browser), for example. On the issue of blocking adware you can create filter rules in the web, but would give much work to set up, even so, (web filter) only work for online installers that need to be downloaded.
Actually, it’s because you can’t keep up with these kind of programs. Every day, these are created with ‘unique signature’-- the key is blocking/blacklisting these publishers.
As for software with ads or/and bundled with junkware, not sure you can block these. Since some/most are actually whitelisted. As for example, CNET.
But is “blocking” really the problem? Well no, what you are asking for is cleaning.
However, I do like your idea of “warning”. Perhaps you could submit a wish request due to popular demand.
Thank you everyone for the great suggestions.The firewall question is solved too.I just had to spend some time and configure some advanced settings and now it works the way I wanted it to.
Thanks for the Unchecky hint.I have never heard of it before.