Is there an FAQ entry or warning regarding this problem and are measures to minimize impact discussed anywhere besides this thread?
Has there been any feedback regarding this?
Latest i know of is that they are aware of this issue but it’s not high priority.
You can prevent the huge delays by making most of the applications “trusted” instead of custom.
Just don’t make browsers/email clients / torrent apps etc trusted, they have to much internet interaction and could therefore be exposed to exploits from the internet.
Hm, at the moment, I’ve for
HIPS: 4155 Subkeys with 7869 values in the policy key
Firewall: 414 Subkeys with 1408 values in the policy key
And making any application “trusted” isn’t a goog solution! Consider that trusted applications have far too much rights, which isn’t needed for most applications. For example, trusted applications may access the complete registry by default - and this means also your D+ and Firewall settings! They may also access your system directories! Then you can also disable D+ completely…
Do you really trust all your applications? Can you be sure, that the programmers did all right and the application won’t do anything, which ruins your setup?
Well making an app “trusted” is not always “bad” i agree you will “lose” some extra protection.
As i have run most of those apps for several months now and i know what they do, i had to chose between performance and security and i decided to “leave” a little security and gain a lot of performance.
So it’s up to your personal feeling about trust and security if you decide to go with the ‘trusted’ apps or not.
I don’t understand why this is not high priority. It renders CIS quite unusable after a few weeks. OK, not exactly unusable but clearly annoying as hell.
It’s the small things that makes CIS not the top solution at the moment. Like in the D+ Computer Security Policy dialog where you can’t select multiple entries and change them to “trusted” (for example). This is annoying.
I have to completely agree with this poster. My felling is the same. It’s a simple fix and should’ve already been done (yes i know it’s free software so we shouldn’t complain, but this is an old easy to fix problem and very annoying). Use for example sqlite instead of the registry to save settings, i’m sure it would be much faster and cleaner.
Can you great devs fix this please? :■■■■
Then I’ll lose to much time on my production system, i have to be working around things.
I use 2 approaches.
- only applications that are local are trusted.
- applications that need internet connection are always custom.
I’d like to run everything custom but that simply takes to much of my companies time.
Best solution is really for the great comodo devs just change the storage in the registry to another thing like sqlite. I think it is an easy fix and would be a great freature to have done by the time RC or final is out!!! (:WIN)
One way to deal with this issue is to use an approach that minimizes the ruleset size in the registry. One such approach is detailed at https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/an_approach_for_configuring_defense_for_many_fewer_alerts-t36657.0.html.