I wanted confirmation from others first in case there was something not right with testing before asking Comodo for a response. I had a little bit of doubt somewhere even though my testing seemed solid hence why I asked for confirmation.
After a night of sleep I see the flaw in my testing. CIS still only supports TAP adapter (in Proton VPN I use OpenVPN protocol TCP with TAP).
CIS will give alerts regardless of protocol or adapter. However, when using TUN adapter or WireGuard protocol you will only get alerts for the browser accessing local loopback.
Once you are past the local loopback alerts you will not get any alerts when the browser accesses IP addresses on the internet when using TUN adapter or WireGuard protocol. You only get alerts when the browser accesses IP addresses on the internet with the TAP adapter.
I overlooked that there were no alerts when the browser tries to access IP addresses on the internet with TUN adapter or WireGuard protocol; the local loop alerts had me blind sighted.
Conclusion
Only when using the TAP adapter you will get alerts when the browser accesses IP addresses on the internet.
Running apps and all kinds of malicious applications with WireGuard will also not show any alert related to the connection to a given server, nor will it be recorded in the logs.
Hereās another leakā¦
Running apps and all kinds of malicious applications which use WinPCap or npcap will also not show any alert related to the connection to a given server, nor will it be recorded in the logs.
@tachion@CISfan
Hence why you should only use VPN with TAP adapter when using CIS for the time being. Although containment will also bring mitigation to the table when it comes to dealing with malware.
In the building trade, itās nice to talk about finishing touches when youāre still in the rough structural work , but it does put a bit of stress on you, doesnāt it?
You got conflicting information but failed to inquire. Also you failed to mention up front there was another third party firewall active at the moment of installation which could influence your findings.
We expect a beta tester to be actively inquiring conflicting findings and provide sufficient information about your configuration at the time of your findings.
You stated that Comodo is fully committed to fix everything listed in the List of current bugs and that fixing the bugs has your current focus as indictated in your above posts.
What is true about this statement and focus? Is it only false promise?
When will there be the promised bug fixes?
I donāt understand, please clarify.
Youāre wrong, I deliberately installed it on the PC where Glasswire was.
I wanted to see what was going on. Are tests forbidden? Have you published a test nomenclature yourself?
Presumably you also manage technical feedback from the beta version to the developers?
If we donāt welcome my essay comments at all anymore, how many do you think there are?
Is it encouraging or not?
Have you decided to stop all feedback? Or have you been appointed to sort them out and devalue some?
Itās rather paradoxical to have to turn your tongue 7 times in a country that is also the country of freedom of expression. Are you trying to divert attention from the betaās current problems?
Iām sure youād prefer an empty page here. No one would speak, and that would be fine with you. Why donāt you contribute to the beta process by testing something a little different that adds a different, non-linear, non-Lambda experience?
Thanks in advance.
Expert battles are all very well, but why canāt CISfan, whoās a real fan (as I am), get an answer to his questions?
I could also install a local proxy to see how CIS handles this. Will it notice that everything is decrypted on the fly?
Your post did not point to a problem with the beta. Files donāt go from unsigned to signed. To add to that I fail to see the relevance of that particular test. What was the objective of testing?
You neither gave an explanation of what you witnessed. All I see is clickbait when you say cmdagent.exe file is not signed. You did not describe how you tested, what your findings are and what explains them.
We expect a beta tester to actively inquire instead we have to pull information from you.