Can I specify which unrecognized files get submitted for cloud analysis?

In settings for Defense+, there are the following options:

  • Perform cloud based behavior analysis of unrecognized files
  • Automatically scan unrecognized files in the cloud

I expect that most times I would want the unrecognized file submitted to Comodo for analysis; however, there may be files that no outsider is supposed to have (project code, encrypted files, whatever). When an unrecognized file is found, I’d like to have control over my own computer as to whether or not someone else (Comodo) gets a copy of the file.

Can I leave the 1st option enabled and disable the 2nd option to get prompted whether or not I want to submit the unrecognized file?

The help on these options indicates that the 1st option is only for behavior analysis and the 2nd option is only for checking if the file is in the master white- or blacklists (which presumably haven’t been updated yet on my host). So maybe the 2nd option doesn’t modify the 1st option and instead they are completely separate options.

If I disable the 1st (and 2nd) options, and when an unrecognized file is found, will an alert popup let me select whether to submit it at that time? Or do I have to remember to visit the Unrecognized Files list in the GUI under the Defense+ tab for CSI? Of with these options disabled do I get no choice? That is, with these options I get no choice (to not submit a file) and with them do I also get no choice (to submit them)?

While I thought of program code that is not wanted to get automatically uploaded to anyone else, another scenario that I thought of later was of private or confidential information. Say you have bank statements, credit card statements, tax forms, social security statement, and other financial or otherwise private documents that you roll up into an archive file which you convert into an .exe self-extracting archive. Since this might be an unrecognized file, it gets automatically uploaded to the “cloud” and is now in someone else’s hands.

I’d like a choice as to what gets uploaded to the cloud for analysis or scanning. Doesn’t look like I have a choice on which unrecognized files get submitted. It’s all of them or none of them. Or do I disable these options and then have to remember to occasionally review the Unrecognized Files to see which ones that I want to submit? That would happen late as Comodo would prefer immediate submissions to help update their databases and keep their detection current. Immediate submissions is preferable but only for the files that I choose at the time the unrecognized files are detected.

Please add your wish to Wishlist - CIS.

Also notice CIS Auto Submitted Confidential PDF Files back to Comodo Server.

So my choices are:

  • Enable uploading to the cloud of files stolen from my computer. This adds the server-side behavioral testing and scanning of files that are, as yet, unrecognized to the current state of CIS on my computer. Files get uploaded without my permission, without notice, and without a tracking history.

  • Disable uploading to the cloud. Forego the extra protection of latest behavioral testing and scanning up on the server. This also means the latest trusted publishers list does not get updated (according to users that want to keep this list pruned down to just Comodo and Microsoft, connecting to the cloud results in updating this list). I eliminate the theft of my files at the expense of losing some protection.

I saw no mention that the uploaded file would be destroyed after it was subjected to behavioral analysis and scanning. I understand why Comodo needs to keep a copy of my file. If they are going to generate a signature for it to add to their signature database or add a hash for it to the white/blacklists then they probably need to prove why they made that choice which means they need the exhibit on which their decisions were made. I’m guessing that a prevalent majority of the submissions to the cloud would be permitted by me while possibly some I would not allow. Understand that this isn’t just a privacy issue. It is also about theft of intellectual property since I am not afforded the choice of whether or not to grant access to a file to Comodo if cloud options are enabled.

For best security practices, which includes data/identity theft prevention and privacy, the solution is to disable all cloud options until Comodo establishes better routines on which files get submitted and restores control back to the user and possible owner of the files. Because I grant access of CIS to my files on my host to help secure my host and while I trust CIS in that aspect does not mean that I grant them carte blanche access to my files off my host for them to obtain a copy.

While Comodo’s Terms of Service policy makes statements regarding their intellectual property rights and the need for express permission, they do not extend those same rights to the properties of their users. Also, a privacy policy does not obviate the requirement for my permission.

I’m surprised by the content of the other article you mentioned that this privacy concern hasn’t already been brought up either in a wishlist or bug reporting forum here.

Thanks for replying. Rather than me repeating the content here in a new thread in the Wishlist forum, can a moderator move this thread over there?