Well, after two days of gaming with v3 I have some words to say.
Xcuse me if it’s already said in other topics but I don’t wanna read all 40+ topiclist pages.
- Common feelings.
Making products for housewifes ain’t good way in security area. It’s some low level of complexity here and falling below it makes more problems than that complexity by self.
Unfortunately seems like COMODO in they tries to make things “very easy” goes too far and got absolutely different result.
How said somebody of IT-Gurus (unexact quote): “make a system that can b used even by fool and only fool will use it”.
- HIPS rules too hard to understand (to read).
Here is no way to see that some additional data filled into app rules except stupid way to open “App Rules” than “Access Rights” and then clicks on every “Modify…” button and than on every of two tabs. What’s more - in a case of “mass” exploring app rules - after closing “Modify” dialog last clicked button doesn’t marked (even by std dotted “focus” frame) and user can’t see which button was clicked last and which details should b opened next.
IMHO it isn’t too hard to mark settings that contains additional details. For example by bolding that silly “Modify…” text. Or by changing it to “Edit” or “Set” followed with something simple text symbols like “…[o] [o]” / “…[+] [o]” / “…[+] [-]”. Sure that hidden sacral meaning of that symbols understable even for interface designers. Again it isn’t too hard to marks an app rules in a main list (“computer sec. policy”) according to presence of such settings. And again it can b done by simple “+” after app name.
- The “skins” too slow in some cases.
And when protection set to manual confirmation sometimes CFP makes two jobs - grabs and stacksrequests from program that waits for user decision and draws thiese cool coloured, flawored and smelled bells and wristles like three-four-five-etc-state checkboxes and buttons. This noticeable especially with some programs that uses on-screen effects like transparent windows and popups or even when opened a SysInternals ProcessExplorer (that hooks screen too). And this looks, ughm… strange and makes feelings of too expensive program (i mean CFP) - for example checkbox “remember” are clicked already but a text drawn “skinned” while check sign still not coloured but plain old black, and wents greenish after some delay only. Pls note that my PC are fast enough for many everyday programs.
- Configuration editors doesn’t shows real configuration.
When a config editor window opened they shows just “snapshot” at a time of opening. And if CFP pops up some request and user confirms it and sets up “remember” flag than config edit window doesn’t reflect changes. Moreover when a config editor closed with saving (via “Apply”) so just that displayed config are writen back and result of user answer onto popup are lost.
- Config saved too lazzy and some changes losts on reboot.
I was tired when three or four times after every reboots I’ve seen goddamned popus abt connections with addresses or ports that was already added as groups. And only when I’ve looks into “my net groups” I’ve seen that may groupnames are reverted back to std. And of cause all rules that refers to “LAN” group goes invalid because here is no such group but std “Local Area…” are here.
Looks stupid by I’ve got my custom netgroup names only after editing them then shutting down firewall than starting it again.
- FW and HIPS rules (and politics) doesn’t related no way
For example, it’s impossible to create rule like “Advanced file manager” that allows direct disk access but denies any network.
=================================================================
2b continued. May b.