CIS seems to be a big problem - beware!!

+1 (me too!)

I personally have never touched the settings in CIS on my primary PC and i been using it since day one i suppose. In those years now that it has been around i can safely say my primary has never been infected with anything. As i have always said… Seeing it for my self first hand that says alot and will always keep me coming back… :slight_smile:

Wanting to remove the entire or selected entries in the whitelist does not amount to paranoia, it amounts to an end user’s choice. Also, it appears its easier & quicker to get a name onto the whitelist via various threads than it is to get any action on the wishlist thread to gain more control over the whitelist.

Anyway if users dont want the thousands of entries whitelist in v5.3 they can always go back to an earlier version such as 4.1 which I am using, with no problems at all, and a much leaner whitelist to deal with as well as (at least on my XPSP3) a less troublesome build compared with 5.3.

If the guys talking about the spam/viruses/malware etc. bothered to do some more research they would find out that the “data” changes every month and differs from source to source. I’ve seen recent reports that say that the number one source of spam/spyware etc. is China. In some other report it was Russia, in another one it was the U.S., Brazil, Turkey, South Korea, India etc. etc. The thing is that in reality spam and such is not that easy to trace to its REAL point of origin. There are only a few “organizations” that actually can do it and it’s not some news agency or an antivirus software company… it’s not their job anyway. All they can do is to trace it to the last server and/or ISP and that’s were most of the reports we read on the Internet are based on and which makes most of them not accurate. To actually trace it to its original point of origin takes some time and resources which they don’t have. What most of the reports do agree on however is that over 80% of spam/malware etc. comes from a few botnets, which origins of can not be pinpointed otherwise they would be already taken down, and thousands of “zombie” computers which they infected. If I wanted to send spam or infect other computers I would definitely not be using servers/ISP that would make it easy for others to trace it back to me. I would use servers that are located in another country and/or continent.

And really… statement like “their government and media always misleads the public and shifts the responsibility to other nations” is ignorant because you don’t know anything about “their” government and/or their media unless you actually live there. Anyone can say that your government and your media does exactly the same and most likely they would be right. Incidentally, governments are from the few “organizations” that actually have the capability to trace this kind of online activities.

Besides, who cares were the spam/spyware originates from? It affects many of the people that go online and it originates (mostly) from people that have nothing better to do. That’s were the firewall/antivirus comes in.

I do believe that a firewall should not include any predefined “trusted” vendors/software etc. by default. It should have a white and black lists but they should be empty. It should be up to the end user who he/she will trust.

However, if Comodo wants to make it easy for users that are not sure whom to trust but they do trust them then Comodo staff could add a “download/populate list” button on the trusted vendors tab to download the list directly from Comodo servers. Another solution would be to add a “purge/delete list” button for people that don’t want the list.

Either way and since, if I’m not mistaken, there were already quite a few posts regarding this matter something should be done about this because we will be reading about it in many more posts in the near future.

Assume what you say are correct. Then, it implies that there is no evidence that “Most malware does indeed originate in Russia, Ukraine, China…” So, how can one blame these countries. :-[ :-[ :-[

With www, TV, international magazines, one really don’t need to be live in US to known what their government and media say unless you just contraint youself to your local media and news.

I really don’t find this post useful and adding values. This post just distract the key issues in the subject. There are quite a few other posts below discussing TVL and malware in a more sensible and objective way.
http://forums.Comodo.com/news-announcements-feedback-cis/tvl-vs-signed-malware-t67291.0.html
http://forums.Comodo.com/news-announcements-feedback-cis/malware-using-signed-signatures-merged-topic-t66609.0.html

Global strategists like this one instead of preaching about Comodo’s choices would better to try to think WHY discontent exist: if TVL would be easily disabled without paranoid mode and would allow easy removal of bunch of entries, that discontent would not have started. Add to this developer’s disregard about suggestions about TVL modifications:

Depends on the source. Just because you read it online or in a magazine or saw it on TV doesn’t mean it’s true.

You mean this entire thread or just my post? I think some posts in this thread make good points.

So, where do you get most of your government and media news particularly related to other nations??? You have direct contacts with your government agency and media ???

I mean the entire thread and I find most sensible points here have already been mentioned in the other threads. So there is little added value here and this thread is just distracting the key issues and real enhancements need be done for TVL.