I’ve been using Comodo v4.1.150349.920 Firewall and Defense+ on my Win 7 x64 computer and all was fine until I noticed that several of the new programs that I had installed did not receive any pop-up verifications from Defense+ in Safe Mode nor did any of them have rules present in the Defense+ Computer Security Policy. I thought this was very strange because I had not seen behavior like this since I first started using CIS v3.8.
The situation became even stranger when I discovered that v4.1.150349.920 Defense+ had not only been creating permissions for the new programs in My Safe Files, but in Safe Mode it had also automatically created rules for every .exe program stored on every external drive which was connected to the computer! I saw dozens of old and outdated programs that I used to run on my Vista x32 laptop that were stored on a 1TB Western Digital firewire drive now in being given permission to run on my Win 7 x64 computer!
What is v4.1.150349.920 Defense+ running in Safe Mode doing placing old XP and Vista programs that I never had any intention of running on my Win 7 x64 computer in My Safe Files without ever asking for a single permission? From the testing I did Safe Mode acted exactly like Training Mode only it did not place permissions in the Defense+ Security Policy, but rather added the .exe’s directly to to My Safe Files without any notification or a single pop-up whatsoever.
At first I simply removed the .exe’s from storage and purged My Safe Files which did remove them from the list, but then it occurred to me that I wasn’t solving the problem with Comodo v4.1.150349.920 I was just removing the opportunity for it to display this bizarre behavior so for now I have uninstalled v4.1.150349.920 x64 and replaced it with the old reliable v3.14.130099.587 x64 and as odd as it may sound it is comforting to see pop-ups in Safe Mode for new permissions and to see new entries going into the Computer Security Policy like they should once again. I now have just 1 program in My Safe Files that I chose to place there instead of every .exe for my Vista x32 laptop that is stored on every drive on my computer being given pre-approval to run on the Win 7 x64 computer without ever asking my permission.
~Maxx~
The problem I’m having now is that the Comodo Firewall Updater reminds me every hour that it wants to upgrade my v3.14.130099.587 back to v4.1.150349.920, but at this point I find it frightening to have Security Software that will grant automatic permission to let any any .exe whether it is compatible or not run on my Win 7 x64 computer.
They are more than likely whitelisted
nor did any of them have rules present in the Defense+ Computer Security Policy.
That is new default behaviour. No rules will be added for Safe Files in Computer and Network Security Policy; a standard rule will be applied to those programs. It helps to keep the footprint of CIS smaller; make it more responsive. You can disable this behaviour under Firewall Behaviour Settings and Defense + Settings by ticking “Create rules for safe applications”
I thought this was very strange because I had not seen behavior like this since I first started using CIS v3.8.
The situation became even stranger when I discovered that v4.1.150349.920 Defense+ had not only been creating permissions for the new programs in My Safe Files, but in Safe Mode it had also automatically created rules for every .exe program stored on every external drive which was connected to the computer! I saw dozens of old and outdated programs that I used to run on my Vista x32 laptop that were stored on a 1TB Western Digital firewire drive now in being given permission to run on my Win 7 x64 computer!
That's truly odd. Did you import old 3.14 settings or did you start from scratch?
What is v4.1.150349.920 Defense+ running in Safe Mode doing placing old XP and Vista programs that I never had any intention of running on my Win 7 x64 computer in My Safe Files without ever asking for a single permission? From the testing I did Safe Mode acted exactly like Training Mode only it did not place permissions in the Defense+ Security Policy, but rather added the .exe's directly to to My Safe Files without any notification or a single pop-up whatsoever.
At first I simply removed the .exe’s from storage and purged My Safe Files which did remove them from the list, but then it occurred to me that I wasn’t solving the problem with Comodo v4.1.150349.920 I was just removing the opportunity for it to display this bizarre behavior so for now I have uninstalled v4.1.150349.920 x64 and replaced it with the old reliable v3.14.130099.587 x64 and as odd as it may sound it is comforting to see pop-ups in Safe Mode for new permissions and to see new entries going into the Computer Security Policy like they should once again. I now have just 1 program in My Safe Files that I chose to place there instead of every .exe for my Vista x32 laptop that is stored on every drive on my computer being given pre-approval to run on the Win 7 x64 computer without ever asking my permission.
~Maxx~
The problem I’m having now is that the Comodo Firewall Updater reminds me every hour that it wants to upgrade my v3.14.130099.587 back to v4.1.150349.920, but at this point I find it frightening to have Security Software that will grant automatic permission to let any any .exe whether it is compatible or not run on my Win 7 x64 computer.
You could disable the program updater so you won't get reminded.
ErichJH- First I want to thank you for always being the first to respond to with helpful solutions to problems I’ve had with Comodo dating back to my first post here in early 2009.
Yes, I too found this very odd as I had never noticed any of these ancient programs that I had not seen in years placed in the My Safe Files in any version of Comodo that I have used back to v3.8. In fact I had opted out of trusting software vendors on the Whitelist in v4.1 as I have been led to believe here on the Forum that Whitelisting is not a 100% safe procedure either.
What really scared me is that all of these scores of old programs were given permission to run and by pure assumption placed in my Safe Files which is not the level of computer security that I have come to trust in running Comodo in that in versions past the computer operator was always had a part in the decision making process.
Thank you for explaining why new rules were not created in the Computer Security policy and I understand how a smaller footprint is important, but it really shocked me to see a laundry list of every program I had ever run or simply saved out of curiosity show up in My Safe Files having been invited in by v4.1.150349.920 Defense+ without my knowledge or consent which only served to the swell of the Comodo footprint.
You could disable the program updater so you won't get reminded.
Believe it or not I finally figured out how to do that through My Protected Files> Groups and as you said there are no more update reminders.
~Maxx~
The observed behaviour looks like what happens when installing new drivers for my graphics card or Java or so. My Own Safe Files will have a bunch of mostly .dll files added and some .exe files.
I for now have no clue to what triggers the appearance of these files. Are the files on a removable HD? USB, External SATA, Firewire drive for example.
All of the above. Two of them are 1 TB Western Digital Drives (1 Firewire and 1 USB) and the other is a 2X 1TB eSata Raid 0 Array that I just added last week and has proven to be more than 10X faster than the others when doing file transfers…
I am sure that my computer wasn’t in any danger security wise with all of those old programs automatically added to My Safe Files by v4.1 Defense + and this is probably a new feature designed to make it easier for new users, but after using Comodo v3.8 thru v3.14 I became quite used to making these kinds of decisions myself and not have v4.1 arbitrarily invite every program I have stored in 4 TB of space into My Safe Files without scanning them or asking the operator if he even wants permissions for all of all of those old unused programs bloating Comodo’s footprint on the drive.
~Maxx~
I do see files getting added to My Own Safe Files when installing (certain) programs. But seeing it spontaneously happen is not by design as far as I know. It may be a bug and that has me curious.
I am wondering what event could trigger this. Would it be the sheer fact of attaching the device? Are you willing to try the following? Remove all the entries of the external disks from My Own Safe Files with the disk not connected; purging might do the trick here as well.
What happens when you connect the disks to the computer? When nothing happens I am wondering if may be copying triggers it.
Unfortunately I no longer have v4.1.150349.920 installed on my computer otherwise I would gladly do the experiment you have described, but I did want to mention that this same phenomenon also occurred with program files stored on a partition of my computer’s 1 TB C drive.
What with the Comodo Sandbox continuously sandboxing programs I use daily (including Opera 10.70) all of which had full permission to run and v4.1 consistently scoring 200/340 on Comodo Leak Tests for me this incident was its 3rd strike and so I have decided to run v3.14.130099.587 on both of my computers until Comodo issues a newer version hopefully v5 that can run as reliably and as securely as all of the classic v3.8 thru v3.14 iterations of Comodo which have kept my computer completely Malware-free without any of the buggy behavior that v4.1 has displayed on both my Vista x86 and Win 7 x64 computers.
~Maxx~