just a suggestion: wouldn’t it be possible to simplify the password protection process, so that you wouldn’t be asked to enter it again for each setting tab? I mean wouldn’t it be secure enough to cache the password until the main CFP window is closed? thanks.
adding: I just realize that it might require an additional feature, like a cache auto-erasing tool on exit.
I guess that is a temporary solution It should not be so different.
Please Test only one thing. If you oassword protect V3 are the registry settings encrypted?
yep, hadn’t noticed that before, the password’s encrypted in the registry. Thanks for the info so no need to go through any erasing stuff like I suggested. (CFP settings in the registry are NOT encrypted, only the password, when it’s on, hope we’re talking about the same thing)
Nope I meant if the other V3 settings are encrypted. That would require a password every time you access a setting if the password was not cached.
Oops i missed part of your post 
Anyway the most secure way is to make the cached password only last an user defined amount of time in addition to the expiration after the gui is closed.
This should handle the cases when the user forget to close the gui.
I absolutely agree with your suggestion. That would be the best solution. Just another remark: CFP 2.4 was protected against unauthorized registry entries modification. That doesn’t seem to be the case with 3.0, or have I missed something? I just tried to manually modify an entry and I didn’t get an access denied message like it use to be in CFP 2.4 when the protection was on (not even passworded). And I just tried to restore a registry backup of CFP settings, access was not denied either…
Oops: my bad, although the merge of the registry backup was not apparently denied, no change was done to the settings: cool! The merge is only effective if operated once CFP has been actually terminated.
Here is the issue. Regedit is a trusted app :o
I was trying to find a workaround and I placed regedit in My pending list. It seem to work this way but I’ve not tested properly.
I guess that if this works it would be nice to have a separate override safe apps list.
Another workaround I’m testing is to block V3 files and settings in the * policy.Warning this will override all other policies included trusted and installer ones.
8)Just installed the new RC1 version (found the news on AVAST FORUM though)on my Vista Home premium Intel Dual- Core 1GB RAM 320GB HD and everything works 100% fine. Secret is to FULLY AND COMPLETELY UNINSTALL ALL PREVIOUS FIREWALL INSTALLATION. GOOD WORK, GUYS!!! :BNC
interesting. I’ve tried to put Regedit in the pending list and that didn’t change anything for me. And I just saw that a manual modification of entries, either manually or through a merging file, PRIOR to CFP termination, is taken into account once CFP is restarted (which explains the absence of an access denied message, the entries are changed, but not immediately active).
What surprises me is that the CFP registry settings are supposed to be protected, as listed in “My Protected Registry Keys” in Def+…is that a bug or is the feature not fully implemented yet? You said Regedit was in the trusted application list…wow…risky. If that’s the “secret” list CFP refers to when the firewall and Def+ are set to “train with safe mode”, there’s no way to manually modify it. So what’s left is like you said try to modify the Computer Security Policy. I can’t think of any other way. Although that would imply to have to change that policy every time a change in the settings is required. Unthinkable. And that would also block your ability to go back to the policy settings (:LGH), unless you’d leave that one unprotected…oh god…or you’d get a Def+ alert when trying to modify the settings from the gui, which you would have to answer by yes without checking the remember box…Would be all easier if CFP 2.4 “natural” registry protection was reimplemented…or to remove Regedit from the Safe apps list if that’s the issue, as, again, the registry settings seem to be already, but only temporarily protected by Def+.
What’s worrying actually is that any unauthorized change to the registry settings of CFP would be taken into account once the PC is restarted… Well I suppose Def+ would pop up an alert if that happened…the keys are watched aren’t they?
Would the changes then be blocked if you’re away from the PC, so not there to answer the alert? that’s in the case of a network attack.
Did you delete the regedit policy after you placed regedit in My pending list?
Good one I haven’t thought of that shame on me (:LGH). You’re right obviously as the old policy is still active after I put Regedit in the pending files list. I’m gonna try that tomorrow. It’s getting late here in France, 1.30 am…I’ll come back to this thread. See you guys…
Thanks. I’ve found that the RC1 version works great with Vista ONLY while the version 2.4.18.184 works equally great with XP. So…I use both…results= great firewall protection for both of my systems.
Hi Egemen, thanks for the quick reply! Didn’t know how much the order meant, but was asking about decision tree since post 1 on this forum
The suggestion is really about having a convenient way to locate an entry in the list to change the settings. Right now I have 50-60 entries, and finding the one I need is already hard. This suggests at least a filter/find functionality. Also, it would seem that the only rules where ordering really matters for D+ are those with wildcards for subjects, while all individually defined applications may be sorted without affecting D+ decisions…
OK I deleted the policy after Regedit was put in the pending files list and that seems to work. Regedit can still be launched but there are Def+ alerts for any attempt to modify any key. Another workaround is just putting Regedit in the “Quarantined” list (and in protected files as well). Launching regedit.exe becomes just impossible, without denying the system to write to the registry when needed…which is good (Windows wouldn’t run anymore otherwise) but underlines again the fact that the CFP keys remain unprotected. The first method with the pending files list doesn’t either refuse access to registry oriented apps like TweakUI(XP) or MRU blaster, which means again that in both cases the CFP settings are not really protected.
ps I’m starting to think that this post as well as others related to the same topic in this thread should may be be moved to a more appropriate section, like the one about bugs.
All apps marked as safe and trusted apps have privileged access. If you really want to obltain the same type of protection that was in V2 then you should block these keys in D+ *policy.
That has the same effect.
But from a technical standpoint the current implementation is much better. If there is a glitch I would like a way to stick with the current maximum configurability approach.
For example adding few special policies will be enough.
https://forums.comodo.com/cfp_beta_corner/cfp_3011246_rc1_general_feedbackimpressions_not_for_bug_reports-t14513.0.html;msg101284#msg101284
ok one last remark on the topic: with your recommended settings: Regedit in pending files and a brand new policy:
1st launch of regedit, new alerts from Def + , allow without checking remember, all keys are modifiable except those watched in the Def+ protected list (error message pops up: good sign!)
2d launch of regedit, again allow Def+ alerts without remembering, this time even the keys that are supposed to to be protected becomes modifiable, and CFP is modified at next start.
I tested this again but I cannot reproduce this behaviour. Both way work.
Blocking comodo keys from All applications * D+ policy works.
Regedit in my pending file list works.
I launched regedit many times. the outcome is the same. D+ mode is train with safe.
If you are unaple to reproduce this behaviour please submit a detailed bugreport. Maybe something is conflicting with V3.
You mean blocking ALL protected keys, obviously including CFP keys as they are in the list, from “all applications”. Yes, this,works.
It seems you messed with V3 quite a lot :o as It seems you are unable to block only COMODO Keys or COMODO Files/Folders groups.
Anyway IIRC it is still possible to add any entry you want to * Policy. It isn’t needed to have those entries in Protected list if you want to block them.
It seems you mess with your interpretation of many things an awful lot (:TNG). I’m quite able to manage CFP 3.0 settings, which doesn’t always seem to be your case. Thanks for trying to help, bye! :■■■■
Oh sorry I see from your posts that you are quite skilled in configuring V3 if you said it has no protection then that should be true. :THNK
Oh well I’ll follow your steps another day. (:WIN)
Thanks for your valuable feedback (:AGL)