Pardon my ignorance, as I don’t use the auto-“sandbox” feature, but does the “Automatically trust files from trusted installers” feature allow those installers to bypass the firewall as well? I assumed that was only for trusting local actions.
No; that option means that it won’t sandbox the installer
From the “Man Pages”
Automatically trust the files from the trusted installers - Files that are generated by trusted installers are also trusted. This means that they will not be sandboxed.
Hope this helps.
Jake
You don’t trust chinese firms. Why does chinese users trust your country’s company?
As you said, CIS should remove all firms in the firewall whitelist.
You’re misunderstanding the initial comment and/or the Symantec report, and/or exactly how malware and spam interact.
Most malware does indeed originate in Russia, Ukraine, China and so forth. This malware then gets onto computers in the US (thx apparently, to overly generous whitelists) turning them into zombies, which, coupled with the fact that there are more computers in the US than anywhere else, gives the US the dubious distinction of being from where a plurality of spam directly originates, if you don’t bother tracing the spam to its actual source, that is.
Please include where you have found this
That’s copied from Symantec’s report
"The United States was the top ranked country for malicious activity this quarter, accounting for 23 percent of the total. Within specific category measurements, the United States ranked first in malicious code, phishing website hosts, and attack origin categories.
Have you read the reports? Can you show the statements in the reports which indicate “Most malware does indeed originate in Russia, Ukarine, China…” Or is it just your own perception?
I’ll be glad and it will be a more valuable discussion if you can offer more solid sources of information for your statement.
True or not, these wild accusations are hurting Comodo’s reputation.
Look at this example, there are many more around the Web:
It would be great to rank white listed files and programs 1-10, with a slider to block 1-10. That would be a killer feature, and quiet all the wild accusations. (easy for me to say, I know implementation would be a challenge!) ;D
You don't trust chinese firms. Why does chinese users trust your country's company? As you said, CIS should remove all firms in the firewall whitelist.If you were born in a eastern country; and had a hospital that developed software or a security company who developed a antivirus/antispyware company and had over 10M users; wouldn't you want those software vendors be put on the list? I believe CIS should have a option whether to use the TVL or not.. .oh wait it does! It's called paranoid mode.. and also "Disable cloud features and 'trust signed installers from trusted vendors'
It will only use TVL to let you know that the package you are trying to install has a Signed Certificate which is on the TVL; but that it is all…
True or not, these wild accusations are hurting Comodo's reputation.Look at this example, there are many more around the Web:
It would be great to rank white listed files and programs 1-10, with a slider to block 1-10. That would be a killer feature, and quiet all the wild accusations. (easy for me to say, I know implementation would be a challenge!)
Not!
It’s called criticism, you ever read allegory of the cave? from plato?
People are still in the cave and never want to leave because they don’t like the variables at hand… so they stay inside those who like the outside can always run around and be free!
Also; These are all false claims with no proof:
Please provide proof that there is “bad companies” on the TVL…
Hope this helps 
Jake
[attachment deleted by admin]
Here there is only “BONZI Software” (custom TVL was flooded with all possible entries after update from 5.3…1216 to 5.3…1227).
Guess will go this way because i hate the fact my highly customized TVL was broken after update.
As for topic, i agree TVL in its current view is unacceptable… at least for me >:-D
Got an impression Comodo follows a strategy in CIS development: to satisfy the most stupid (in terms of computer and OS knowledge) users. Including TVL implementation.
So that all other users are left with choice: either to refuse completely from all useful (convinient) aspects of features like whitelist, cloud → paranoid/custom modes OR use these features in their current ugly “stupid user”-friendly view.
p.s.: TVL was asked to be modified, to become more configurable many times:
p.s.2: nevertheless i 'm grateful to Comodo they leave a choice – provide ability to opt-out from all/some “stupid user”-friendly stuff and components like AV and SB (“stupid user”-friendly stuff, too, imo).
Hey
I just have a look at the new TVL. It’s amazing. There must have been some mixing up of database.
I found a lot of banks, are they selling software now? And other interesting entries like :
Bit Wise Publishing
Big Angry Dog Ltd
Berghs Metall
Bayer Health care
Allonecommunity
American Greetings
Borsdane Wood Ltd
A&A Automobiel Advies
Asea Brown Boveri
Abraxas Energy Consulting
Adidas
Advance Chemistry Development
Alean Tour
American Association of Physic Teachers
Arts & Letters Corp
Attorneys Title Fund Services
Affinity Employer Services Ltd
Balanced Flow Supply Chain Solutions LLC
Ad Tools
Apartment Superstorer Pty Ltd
and that’s just a small sample of a lot of surprising names in the list.
Is it still a list of trust software vendors or trusted sites? I must confess that I don’t feel at ease with the new TVL.
No, but many have proprietary security software, that you must use if you want to do online banking.
Heard of Web apps?, Branded toys, gifts and other little executable goodies?, Screensavers and the like?
My 2cents on the making it easy to remove the TVL.
Comodo had to decide between -
Having a few conspiracy theorists and paranoid types complaining.
And
Making it easy for potentially thousands of zealous button mashers who “think” they know what they’re doing, to brick their PC’s with just a click or two.
Just my opinion.
Bad
+1
I too deleted all trusted vendor entries the last time manually one by one.
Comodo just should provide a way to delete them all.
I too don’t trust Chinese firms and imo COMODO is putting too many dubious firms in their list. Dubious as in origins.
+1 (me too!)
I personally have never touched the settings in CIS on my primary PC and i been using it since day one i suppose. In those years now that it has been around i can safely say my primary has never been infected with anything. As i have always said… Seeing it for my self first hand that says alot and will always keep me coming back…
Wanting to remove the entire or selected entries in the whitelist does not amount to paranoia, it amounts to an end user’s choice. Also, it appears its easier & quicker to get a name onto the whitelist via various threads than it is to get any action on the wishlist thread to gain more control over the whitelist.
Anyway if users dont want the thousands of entries whitelist in v5.3 they can always go back to an earlier version such as 4.1 which I am using, with no problems at all, and a much leaner whitelist to deal with as well as (at least on my XPSP3) a less troublesome build compared with 5.3.
If the guys talking about the spam/viruses/malware etc. bothered to do some more research they would find out that the “data” changes every month and differs from source to source. I’ve seen recent reports that say that the number one source of spam/spyware etc. is China. In some other report it was Russia, in another one it was the U.S., Brazil, Turkey, South Korea, India etc. etc. The thing is that in reality spam and such is not that easy to trace to its REAL point of origin. There are only a few “organizations” that actually can do it and it’s not some news agency or an antivirus software company… it’s not their job anyway. All they can do is to trace it to the last server and/or ISP and that’s were most of the reports we read on the Internet are based on and which makes most of them not accurate. To actually trace it to its original point of origin takes some time and resources which they don’t have. What most of the reports do agree on however is that over 80% of spam/malware etc. comes from a few botnets, which origins of can not be pinpointed otherwise they would be already taken down, and thousands of “zombie” computers which they infected. If I wanted to send spam or infect other computers I would definitely not be using servers/ISP that would make it easy for others to trace it back to me. I would use servers that are located in another country and/or continent.
And really… statement like “their government and media always misleads the public and shifts the responsibility to other nations” is ignorant because you don’t know anything about “their” government and/or their media unless you actually live there. Anyone can say that your government and your media does exactly the same and most likely they would be right. Incidentally, governments are from the few “organizations” that actually have the capability to trace this kind of online activities.
Besides, who cares were the spam/spyware originates from? It affects many of the people that go online and it originates (mostly) from people that have nothing better to do. That’s were the firewall/antivirus comes in.
I do believe that a firewall should not include any predefined “trusted” vendors/software etc. by default. It should have a white and black lists but they should be empty. It should be up to the end user who he/she will trust.
However, if Comodo wants to make it easy for users that are not sure whom to trust but they do trust them then Comodo staff could add a “download/populate list” button on the trusted vendors tab to download the list directly from Comodo servers. Another solution would be to add a “purge/delete list” button for people that don’t want the list.
Either way and since, if I’m not mistaken, there were already quite a few posts regarding this matter something should be done about this because we will be reading about it in many more posts in the near future.
Assume what you say are correct. Then, it implies that there is no evidence that “Most malware does indeed originate in Russia, Ukraine, China…” So, how can one blame these countries. :-[ :-[ :-[
With www, TV, international magazines, one really don’t need to be live in US to known what their government and media say unless you just contraint youself to your local media and news.
I really don’t find this post useful and adding values. This post just distract the key issues in the subject. There are quite a few other posts below discussing TVL and malware in a more sensible and objective way.
http://forums.Comodo.com/news-announcements-feedback-cis/tvl-vs-signed-malware-t67291.0.html
http://forums.Comodo.com/news-announcements-feedback-cis/malware-using-signed-signatures-merged-topic-t66609.0.html
Global strategists like this one instead of preaching about Comodo’s choices would better to try to think WHY discontent exist: if TVL would be easily disabled without paranoid mode and would allow easy removal of bunch of entries, that discontent would not have started. Add to this developer’s disregard about suggestions about TVL modifications:
Depends on the source. Just because you read it online or in a magazine or saw it on TV doesn’t mean it’s true.
You mean this entire thread or just my post? I think some posts in this thread make good points.
So, where do you get most of your government and media news particularly related to other nations??? You have direct contacts with your government agency and media ???
I mean the entire thread and I find most sensible points here have already been mentioned in the other threads. So there is little added value here and this thread is just distracting the key issues and real enhancements need be done for TVL.