CFP cann't pass CPIL Test Suite by COMODO

32 bit bug reports
1

CFP cann’t pass the test1 from “CPIL Test Suite by COMODO” , isn’t it funny ? :THNK
CFP cann’t block CPILSuite.exe access the physical memory , there is no alert for that . Although CFP has this protection , maybe it doesn’t work , I have never seen a program wants to access physical memory since I installed CFP beta . I often find a program wants to access physical memory when I used SSM . Does this protection really work ?

2

Although there is an alert to tell you that cpil.exe wants to access explorer.exe in memory , if you block it , cpil.exe cann’t send message to Internet , but many programs need access explorer.exe in memory when they work , so most of persons would agree that operation , I think the most important alert should be accessing physical memory :THNK

edit
Maybe I explain too much , so that you cann’t unstand my meaning , I want to tell you that CFP cann’t block accessing physical memory .

3

So you’re complaining that if you click BLOCK (to a leak test related alert) CFP stops the traffic.

To my way of thinking, that would mean that the firewall has done what it was supposed to do - block the leaktest application from establishing a means of transmitting data without your consent.

The alerts are designed to warn the user when something out of the ordinary is occuring, not when a legitimate application is trying to do what it is supposed to do. Once the full safelist is established in CFP, the average user should hardly ever receive alerts UNLESS it is an unauthorised application attempting egress. In this case, the user would be expected to make some sort of judgement call whether to ALLOW or BLOCK the access.

Ewen :slight_smile:

4

Maybe I should change the topic to “Physical memory protection doesn’t work” :THNK
Infact , what I want to say just is CFP cann’t block a program to access physical memory , although it has this function . Surely , CFP could block the testing program , but there is not an alert to tell me that the testing program wants to access physical memory , and other HIPS softwares could tell me about that , isn’t it a problem ? Many programs must access physical memory , but when they work , CFP haven’t given me alerts about that .

5

I’ve never seen the DEFENSE+ function “physical memory” work and popup any alerts, since I updated to COMODO V3.

6

Hi Guys,

Yes. There was a bug causing this issue. It is fixed with the nest beta release.

Egemen