Comodo "ThreatFire"

An intelligent behavior-blocker with customizable rules just like the former PCTools’ Threatfire. It is fast becoming obsolete I’m afraid. And I see no development or improvement with it. The beta that was supposed to address issues such as slowdowns in launching the gui, start-up and shutdowns were never addressed and I feel that there is more to improve on such and effective and wonderful software.

It is the way avast is taking instead of auto-sandboxing.
I know CIS and avast have different approaches/policies.
The behavior scanner could make CIS more user friendly and reduce the sandbox questions.

I absolutely agree with this. ;D

Hi Tech,

In order to reduce “sandbox questions” - the sandbox has to be a sandbox :wink: providing full virtualization
There are many, and are free and working perfectly, compare to what Comodo developed
As for the behavior scanner 88) What do you mean by that?
CIMA cannot possibly replace a decent Behaviour Blocker (BB) ever

Then, as it was pointed in other threads/discussions Comodo developers were promising standalone BB for a long time and recently it was confirmed they are committed to implement that
at least EricJH as a moderator who has access to information confirmed that
https://forums.comodo.com/news-announcements-feedback-cis/what-is-new-in-pure-firewall-v5-t61837.0.html

Cheers!

I’m not saying the sandbox should be anything else than a full sandbox (and virtualizator).
Just that infected files could be detected easily, removing the need of the user to answer questions.

I don’t know CIMA in details.
What I’ve meant is a behavior blocker is a good tool to improve protection and usability.

somehow im feeling thet the infamous DACS will like this comodo threatfire
but will scan the file behavior before being opened, like an antivirus or the cloud but offline

Might I ask, who’s/who’re DACS? ???

Behavior Blocker does not scan “like an antivirus or the cloud”
What do you mean by that? ???
“Comodo threatfire” ? 88) … are you creating terminology of non existent entities?

As the ancient philosophy stated: “do not create new entity if the one exists already”
… the same way do not create the new one if there is nothing yet to talk about
DACS ? who at this point knows what that suppose to mean?

as posted previously

My regards

You misunderstood. the title was Comodo “Threatfire”. Threatfire was quoted without including comodo. It is not a creation of a new entity, but an implication that comodo make a software similar to one that exists. Comodo will be the one to give it a name, hence, without a name, I must give one. Although one would argue that it is better to use the term “behavior blocker” than the product’s name itself, there is such a device in literature and language in general that makes use of references to persons, events, objects, places that are usually widely recognized (in this case, Threatfire) to create a mental image within the readers minds. We call this an allusion. Since I’d like comodo to create a behavior blocker similar to threatfire, alluding to it is the best way to say it so.

for DACS, kinemitor is quoted refering to this entity. If he knows about it, it is possible that it exists. How else could he refer to it? If it were to be of some mistake, then he would correct it. Never rule out possibilities unless they are proven false. That is a general rule in research. You assume only if you have sufficient evidence to base your claims on.

As for the scanning part, it is possible that kinemitor is actually saying “analyze”. Not everyone is gifted in language, my friend. This was what Threatfire does. It analyzes the behavior of an application as it is accessed. However, we can read in their description of threatfire in this site: Official Site | Norton™ - Antivirus & Anti-Malware Software

Patent-pending ActiveDefense technology [b]intelligently scans and analyzes[/b] computer processes to detect and block any malicious activity - without false positives!

So I suppose kinemitor is excused for this one. And Threatfire does a scan for rootkits although I’m quite sure this was not what he intended to mean.

I have not heard of this quotation and I tried looking for it, to no avail. Are you implying that we should not create an new entity if something like it already exists? Well, my answer would that would have been “Why not?”

We create something similar to another thing, but never the same. For one must be better than the other. We create new things based on existing ones to improve on them. If we were to talk about it in philosophical quotes, I do remember reading something that goes like 'To cope with the world, any entity must develop the capacity to shift and change – to develop new skills and attitudes", or something like that. I’ve forgotten who had said it.

And another saying that said, “What worked yesterday is the gilded cage of tomorrow”. And frankly, I agree. People have become so content that they always ask, “What’s wrong with it?” I always find myself asking back, “Can’t we try and improve it?”

And my personal favorite, Charles Handy saying, “You have to stand outside the box to see how the box can be re-designed”. Well, what he’s implying is that we should look in a different perspective, but there’s another underlying meaning in his words that can be derived from what he said. Look closely. “The box can be re-designed.” Roughly translated, this may mean, things can still improve. Threatfire can still be improved. It just takes a small amount of inspiration and a whole lot of dedication. Everything else would follow. :smiley:

Yes. I made a typo - it should be “…if the one exists…” :wink:
Cheers!

p.s. William Occam as far as I know was one of the first who stated & tried to prove that … usually it’s is leading to absurdities.
Sure my translation may not be the best :slight_smile: (who has doubts?) but I am sure - that is close

!ot! !ot! !ot!
Occam? You mean William of Ockham right? Yes, yes. I have read his works and yes, I know his infamous Occam’s Razor. And no, it’s not ancient and that’s not what it means. I am writing this to avoid future confusions with the quote.

His original quotation you are referring to, I believe, is “Entia non sunt multiplicanda praeter necessitatem” which roughly translates to “Entities should not be multiplied to more than (what) is necessary”. His logic works for most scientific thoughts. It was meant to remove the metaphysical from what should be scientific explanations. The logic behind it is that we should always use as an explanation that which clearly explains the phenomenon. Not some other proofs imperceivable by the senses. Hence, it argues for empiricism.

However, the problem behind this idea is that it completely rules out everything imperceivable by the senses, automatically deducing they are non-existent. If it had been applied, the molecular theory as we know it, would be non-existent nor would anyone, if say, everyone believed in it, pursue it.

To contradict this mentality, Paul Dirac wrote, “The research worker, in his effort to express the fundamental laws of Nature in mathematical form, should strive mainly for mathematical beauty. It often happens that the requirements of simplicity and beauty are the same, but where they clash the latter must take precedence.” He argues that Occam’s Razor cannot replace man’s gift of insight, logic and the scientific method to which I strongly agree.

Nothing about the quote of William says nor was there any intention on his behalf to say that there be no more conception of ideas as your statement implies:

“Comodo threatfire” ? Roll Eyes … are you creating terminology of non existent entities?

As the ancient philosophy stated: “do not create new entity if the one exists already”
… the same way do not create the new one if there is nothing yet to talk about
DACS ? who at this point knows what that suppose to mean?

Otherwise, mathematics, science (particularly quantum physics and dark matter, antimatter and the like) and religion for that matter would cease in its development. His principle cannot be used to rule out anything as the principle cannot be used to deduce the non-existence of anything, perceivable or not. [transition to topic]

Now, going back, I do hope that Comodo make a version of threatfire. It wouldn’t hurt to give it a try. The wonderful thing about Threatfire is that it does not consume too much bandwidth and is quick to startup (in my experience of course).

Nice post indeed and I mean it. Thanks

William of Ockham …also Occam, Hockham, or any of several other spellings, pronounced
… (c. 1288 – c. 1348) you may not call it ancient , if you want ;D

At the same time, as I said it was “one of those” (not the only one) who stated that if the entity/ the concept exists already, being proven or not yet - there is no point to create “the same” naming it differently

Well at least that’s my philosophical point … if I may , heheh!

If you like having “Comodo’s ThreatFire” as a name who can stop you :wink:

Cheers!

Thank you very much. ;D

Not necessarily. Like I said, I was merely alluding to it. :slight_smile: Hm. or maybe they could put in a behavior blocker in cis. although i’d really appreciate a standalone :wink:

i don’t understand what you mean by this statement. can you word it differently

An independent/stand alone Threatfire-like Behavior Blocker and/or a Behavior Blocker integrated into CIS, sounds like a good idea to me. :-TU