CIS seems to be a big problem - beware!!

US top the list in malware activities in Symantec’s report. So this is a problem for some firms in US? There were thousands of them. So why include US firms in TVL ??? ??? ???

Please stop that kind of meaningless statement.

But as far as the location of the actual spammers themselves, well, the majority of them are right here in the United States of America which is responsible for nearly 20% of the entire world’s spam; this is twice the amount of the nearest competitor, China. Russia comes in third place providing just over 6% of the world’s unsolicited commercial e-mails, followed by Brazil and finally, the country of Turkey.

From “Where Does Most of the Worlds Spam Come”
http://www.perimetec.com/all-about-spam/where-does-most-of-the-worlds-spam-come-from.php
Also in Sophos: USA is world’s most guilty spam nation
http://www.thetechherald.com/article.php/201041/6287/Sophos-USA-is-world-s-most-guilty-spam-nation

(When looking at facts and figures, US is usually the one need to be responsible for a problem. But their media and government always misslead the public and shift the responsibility to other nations.)

*bump back to the top

My apologizes :■■■■

I changed 1 word in the title to a more appropriate one

bump

abr raises some valid questions.
and others like …

  1. who decides which companies go on the trusted list and how are those conclusions drawn. there must be millions of companies using the internet and Comodo cant test them all. so whats the process - who approaches/solicits who and what checks are done and who gets what out of the deal?

  2. why would a reputable firewall have a default setting that allows companies through? surely the job is to block intruders until the owner can assess who enters or not. [the owner being the person with the data/hardware that needs protection.] wouldnt it be more ‘secure’ to have an unchecked list of potential trusted companies that the owner can then browse and check at will. i dont buy the line ‘if you dont like it, uncheck it’ or ‘change your settings’. thats like letting ten thousand people into your house and saying, you sort out who stays and who goes. thats not the job of a protector.

out of the box setup should be at maximum security with an easy walk thru tutorial that allows the owner to tone down/allow where desired, tailoring the system to their individual needs. common sense.

user data and profiling is where the big money is these days. [facebook, google etc]
youd hate to think the very system designed to protect you is actually involved in the process.

awaiting your reply.

I think perhaps you are confused about the topic at hand? It has nothing to do with websites. CIS doesn’t filter websites. In fact, that isn’t a firewalls job.

edited for clarity.
this issue remains…
back to you.

1. who decides which companies go on the trusted list and how are those conclusions drawn. there must be millions of companies using the internet and Comodo cant test them all. so whats the process - who approaches/solicits who and what checks are done and who gets what out of the deal?

Who? Comodo Does; I’m sure that they can; their core business is handling SSL/Code Signing Certs so they had a foot in the door before they even thought about rolling out CAVS/CFW/Trustix.
Again; You are accusing… Please don’t accuse unless of course you have evidence.

2. why would a reputable firewall have a default setting that allows companies through? surely the job is to block intruders until the owner can assess who enters or not. [the owner being the person with the data/hardware that needs protection.] wouldnt it be more 'secure' to have an unchecked list of potential trusted companies that the owner can then browse and check at will.
Must understand; CIS Operates on defualt deny not defualt allow system.. Reason why alot of application are allowed is either 1: on safe list 2: on TVL 3: The user put CIS in Training Mode or Disabled :)

You can throw the firewall on custom policy where it ignores the whitelist/TVL so it’s completely up to you; also you can increase the alerts settings so you can either decide pure IP all the way down to a one time application

It’s by defualt usability for the not so technical users; and also can be configured for those network admins and users alike.

i dont buy the line 'if you dont like it, uncheck it' or 'change your settings'. thats like letting ten thousand people into your house and saying, you sort out who stays and who goes. thats not the job of a protector
That metaphor doesn't even make sense to me especially if you are comparing the settings of Defense+/Firewall/AV.. ; could you clarify a bit more.

It’s more like would you like 5 inch steel door or a 2 inch steel door; that would be a valid arguement :slight_smile:

out of the box setup should be at maximum security with an easy walk thru tutorial that allows the owner to tone down/allow where desired, tailoring the system to their individual needs. common sense
This paragraph contridicts its self.. Hint Hint: 15Million Users; Most Likely 7 Million of them are not so technical (I don't know the stats but just throwing a number out there) So; Instead of arguing and bickering; how about you suggest a method so that Comodo could implement to not provide 100 pop ups for one simple application but yet have so called maximum security? ; because it's very very difficult to have "Maximum" Security while having "User-friendly".. but I think CIS is the closet Security Suite that comes even close to it... PS There is no such thing called 'Maximum' Security;

a Manual? you mean this? www.help.comodo.com ?

Hope this helps

Jake

Pardon my ignorance, as I don’t use the auto-“sandbox” feature, but does the “Automatically trust files from trusted installers” feature allow those installers to bypass the firewall as well? I assumed that was only for trusting local actions.

No; that option means that it won’t sandbox the installer

From the “Man Pages

Automatically trust the files from the trusted installers - Files that are generated by trusted installers are also trusted. This means that they will not be sandboxed.

Hope this helps.

Jake

You don’t trust chinese firms. Why does chinese users trust your country’s company?
As you said, CIS should remove all firms in the firewall whitelist.

You’re misunderstanding the initial comment and/or the Symantec report, and/or exactly how malware and spam interact.

Most malware does indeed originate in Russia, Ukraine, China and so forth. This malware then gets onto computers in the US (thx apparently, to overly generous whitelists) turning them into zombies, which, coupled with the fact that there are more computers in the US than anywhere else, gives the US the dubious distinction of being from where a plurality of spam directly originates, if you don’t bother tracing the spam to its actual source, that is.

Please include where you have found this

That’s copied from Symantec’s report
"The United States was the top ranked country for malicious activity this quarter, accounting for 23 percent of the total. Within specific category measurements, the United States ranked first in malicious code, phishing website hosts, and attack origin categories.

Have you read the reports? Can you show the statements in the reports which indicate “Most malware does indeed originate in Russia, Ukarine, China…” Or is it just your own perception?

I’ll be glad and it will be a more valuable discussion if you can offer more solid sources of information for your statement.

True or not, these wild accusations are hurting Comodo’s reputation.

Look at this example, there are many more around the Web:

It would be great to rank white listed files and programs 1-10, with a slider to block 1-10. That would be a killer feature, and quiet all the wild accusations. (easy for me to say, I know implementation would be a challenge!) ;D

You don't trust chinese firms. Why does chinese users trust your country's company? As you said, CIS should remove all firms in the firewall whitelist.
If you were born in a eastern country; and had a hospital that developed software or a security company who developed a antivirus/antispyware company and had over 10M users; wouldn't you want those software vendors be put on the list? I believe CIS should have a option whether to use the TVL or not.. .oh wait it does! It's called paranoid mode.. and also "Disable cloud features and 'trust signed installers from trusted vendors'

It will only use TVL to let you know that the package you are trying to install has a Signed Certificate which is on the TVL; but that it is all…


True or not, these wild accusations are hurting Comodo's reputation.

Look at this example, there are many more around the Web:

It would be great to rank white listed files and programs 1-10, with a slider to block 1-10. That would be a killer feature, and quiet all the wild accusations. (easy for me to say, I know implementation would be a challenge!)

Not!
It’s called criticism, you ever read allegory of the cave? from plato?
:slight_smile: People are still in the cave and never want to leave because they don’t like the variables at hand… so they stay inside :slight_smile: those who like the outside can always run around and be free!

Also; These are all false claims with no proof:
Please provide proof that there is “bad companies” on the TVL…

Hope this helps :smiley:

Jake

[attachment deleted by admin]

Here there is only “BONZI Software” (custom TVL was flooded with all possible entries after update from 5.3…1216 to 5.3…1227).

Guess will go this way because i hate the fact my highly customized TVL was broken after update.

As for topic, i agree TVL in its current view is unacceptable… at least for me >:-D
Got an impression Comodo follows a strategy in CIS development: to satisfy the most stupid (in terms of computer and OS knowledge) users. Including TVL implementation.
So that all other users are left with choice: either to refuse completely from all useful (convinient) aspects of features like whitelist, cloud → paranoid/custom modes OR use these features in their current ugly “stupid user”-friendly view.

p.s.: TVL was asked to be modified, to become more configurable many times:

p.s.2: nevertheless i 'm grateful to Comodo they leave a choice – provide ability to opt-out from all/some “stupid user”-friendly stuff and components like AV and SB (“stupid user”-friendly stuff, too, imo).

Hey
I just have a look at the new TVL. It’s amazing. There must have been some mixing up of database.

I found a lot of banks, are they selling software now? And other interesting entries like :
Bit Wise Publishing
Big Angry Dog Ltd
Berghs Metall
Bayer Health care
Allonecommunity
American Greetings
Borsdane Wood Ltd
A&A Automobiel Advies
Asea Brown Boveri
Abraxas Energy Consulting
Adidas
Advance Chemistry Development
Alean Tour
American Association of Physic Teachers
Arts & Letters Corp
Attorneys Title Fund Services
Affinity Employer Services Ltd
Balanced Flow Supply Chain Solutions LLC
Ad Tools
Apartment Superstorer Pty Ltd

and that’s just a small sample of a lot of surprising names in the list.

Is it still a list of trust software vendors or trusted sites? I must confess that I don’t feel at ease with the new TVL.

No, but many have proprietary security software, that you must use if you want to do online banking.

Heard of Web apps?, Branded toys, gifts and other little executable goodies?, Screensavers and the like?

My 2cents on the making it easy to remove the TVL.

Comodo had to decide between -
Having a few conspiracy theorists and paranoid types complaining.
And
Making it easy for potentially thousands of zealous button mashers who “think” they know what they’re doing, to brick their PC’s with just a click or two.

Just my opinion. :slight_smile:
Bad

+1

I too deleted all trusted vendor entries the last time manually one by one.

Comodo just should provide a way to delete them all.

I too don’t trust Chinese firms and imo COMODO is putting too many dubious firms in their list. Dubious as in origins.