CIS has always been good at allowing itself to be tuned and it controls absolutely everything. I can not understand why you need to impose trusted vendors. Suppose you trust them, but why should the end users force them to trust them? Certificates can steal and sign a virus with them, which has already happened. I do not speak against the model with trusted vendors, but I am categorically against imposing this list. Previously, it was better - the user himself decided which vendor deserves trust and which one does not. Selective protection is not protection.
This means the complete destruction of the last HIPS for Windows. This is very bad.
For those who want the ability to remove trusted vendors, may I ask what does removing accomplish that you can’t accomplish by changing the vendor rating in the vendor list? Just as with the file list, you can select vendors and change their rating to trusted, unrecognized, or malicious and user rating will override comodo’s own rating for those vendors. By the way, even in the past when you removed a trusted vendor, executable’s would still be trusted if the hash of the executable is found in the online file lookup service. Also if you have the AV installed an executable can be trusted by a whitelisted file signature.
Understanding - as in the hundred of undecipherable entries
Control - of the 30 or 40 that are added from my known Running Processes and those few extra that I add - AFTER deleting the original list
Ease of use
Tidiness
Simplicity
Aesthetics
(Not necessarily in that order)
Most important to me - why does Comodo feel it necessary to lock them in now?
My standard procedure, starting with a clean computer, is to delete all trusted vendors and run Comodo Cleaning Essentials. Once finished all executables are reported as unrecognized. Sent to Comodo those who are on the whitelist become reliable and their vendor also goes to swell the trusted list. At the end of the process only the providers that have programs installed on the computer are on the list of reliable suppliers. And even then I do not know if I check the box ‘trust applications signed by trusted vendors’ in ‘file rating’, because it is one thing that a program is trusted and this is in the white list and another that all the programs of that provider be.
Not everyone comes to the Forum to complain, I guess that some of these have been removing all the list then saying CIS is blocking some of their programs so removing CIS and complaining on Social media that it is rubbish.
Focusing on stupid users leads to degradation. A non-removable list of “trusted” vendors is not even degradation, it makes CIS absolutely useless because it completely kills HIPS.
I appreciate that it’s a probable explanation, but for me it’s a killer of the entire concept of CIS
It really isn’t addressing the point, or the solution. What ‘some’ users do or post, should never dictate the operation, validity or security of a top rated security application, As soon as you ‘dumb down’ the application, you might as well give up
Could you tell us more about your system? Do you have other security programs installed? Please run clean up tools for security programs you had installed in the past to make sure a left over driver or service are not wreaking havoc.
I can confirm the Quick repair on my Win 10 1809 x64 (17663.379).
I’ll add my support to the proposal that users should be able to remove any vendor that they want from the list of trusted vendors. It would be ok to make it easy to add them back as a vendor that Comodo trusts by default by adding them to a new category like “Comodo trusted vendors that have been untrusted by user.”
We’ve had discussion here about trusted vendors list cleanup.
Our main goals with this feature were:
To make vendors rating workflow similar to file rating (as futuretech mentioned)
To reduce probability of missuse.
For now user is able to manage his rules with this feature, but for sure it has to be more convenient.
So for this release we decided to go live without removing it, and improve it’s usability in future delivery (maybe some sort of group edit for ratings).
Known issues:
- Copy/paste into contained application is disabled in this version but will be ready for RC.
Will the next release have an option to allow shared clipboard access between contained and non-contained applications?
As for the vendor list, maybe implement an import/export vendor list feature. That way users can create a backup of the default vendors using the export function, then if they delete too many vendors they can import and start over.
Clipboard is implemented, now it is in testing - we have to be sure in this feature as it is pretty sensitive in terms of security and performance. So if there will be no showstoppers we will release it shortly.
