DACS Released (Distributed and Collaborative Scanning)

http://www.melih.com/2010/12/23/anti-virus-companies-are-protecting-criminals-not-anymore-thanks-to-dacs/

[QUOTE]We can empower end users! By giving them DACS! By giving end users an ability to use ALL the AntiVirus engines to scan their files, practically and for free!

So we built the DACS :slight_smile: Distributed and Collaborative Scanning.
[/quote]
Will be added to Comodo Internet Security in future versions but first will be avaliable on-demand as a standalone app.
Comodo IS and DACS will be FREE as always.
The beta will be available soon (I would say in a few days)

Please read this quotes that explains better how it works:

[QUOTE]Its the end user who decides to scan a file and tell the result to the community.
[/quote]

[QUOTE]All DACS is concerned with is the infected or not verdict. When the file is scanned, it will use whatever capabilities the hosting user has enabled on their AV for on-demand scans. Then when the AV makes a determination about the file, this result is sent back to DACS.
[/quote]

[QUOTE]It will be compatible with more than 40 AV’s
[/quote]

[QUOTE]End user has AV xx installed on his system and wishes to participate in DACS for the good of the community. They will install a plugin that allows communication with DACS (through EasyVPN).

Now when a Comodo user scans a file that is unknown, DACS will send this file to the participants with various AV’s installed. Those AV’s will scan the file, and the result is sent back to DACS. DACS in turn will gather results from all of the supported AV’s.
[/quote]

[QUOTE]How many people is needed to make this system work?

no more than 80 people…

we already have these volunteers and their systems are already setup…

its only the “unknown” files that has to be scanned…actually the amount of load on the DACS networks is NOT that much for scanning. the sytems are all ready. As a matter of fact, we don’t want many contributors. Just trusted community members to make sure we don’t have any issues with “data poisioning” etc… So we are quite happy with the current level of contributors we already have and grateful to them. And the current level is more than sufficient to handle the volume. We know the volume because all the unknown files get sent to Comodo for analysis via sandbox anyway, so this tells us the approx volumes for DACS network.
[/quote]

[QUOTE]Thank you guys, we will most definitely keep you guys in mind. There is a very strict qualification process for the contributors. Because we want to make sure what is fed to the community is nothing but the best about the scan results. We don’t want some “upset” people/companies to come be a contributor and start feeding false results. And also there really isn’t a need for anymore than a handful number of people which we already have got…

but thank you again.
[/quote]

[QUOTE]A user scans a file and tells the community if that file is good or bad.

what is wrong with that?

Is a user allowed to scan a file?
yes.
Are they required to keep the result of that file secret?
No.

As you will appreciate, we have spent quite few $$ on the legal advice for this for many months. We are confident about our position. Its about time make the AV industry honest! DACS will force their hands! And at the end, end users benefit and this has been our aim from day one!
[/quote]

Sources: https://forums.comodo.com/news-announcements-feedback-cis/dacs-released-distributed-and-collaborative-scanning-t66827.0.html
https://forums.comodo.com/news-announcements-feedback-cis/whats-dacs-and-what-does-it-stand-for-t65415.0.html

sounds promising , but Melih didn’t say how it is gonna work exactly , is it gonna be like the cloud feature ?

so the unknown files in the sandbox are sent to dacs to scan it ?? I don’t think so , there is no sandbox now and dacs is integrated in cce ! which is an on demand cleaning software …

I think it will be like hitmanpro so only the suspicious files are sent to DACS to be scanned … maybe , who knows , only time will tell

maybe it works with the File Intelligence Service, or like VirusTotal.
The results are shared on a server.

If it’s a P2P service where you download files from other people, like the post mentioned, ■■■■■ DACS.

End user has AV xx installed on his system and wishes to participate in DACS for the good of the community. They will install a plugin that allows communication with DACS (through EasyVPN).

Now when a Comodo user scans a file that is unknown, DACS will send this file to the participants with various AV’s installed. Those AV’s will scan the file, and the result is sent back to DACS. DACS in turn will gather results from all of the supported AV’s.

thanks.
Does it mean you can’t use DACS if you don’t participate ?

CIS will use DACS… you can simply use CIS to take advantage of DACS. You don’t need to be a contributor. We have enough contributors already and not looking for anymore tbh.

Melih

Are you sure you will not have any legal issue with this?

A user scans a file and tells the community if that file is good or bad.

what is wrong with that?

Is a user allowed to scan a file?
yes.
Are they required to keep the result of that file secret?
No.

As you will appreciate, we have spent quite few $$ on the legal advice for this for many months. We are confident about our position. Its about time make the AV industry honest! DACS will force their hands! And at the end, end users benefit and this has been our aim from day one!

Melih

You have a dam good heart! I am looking forward to see it.

Take care!

Regards,
Valentin N

Are the files scanned with the complete av (behavior blocker, heuristics…) or just the engine

Just the engine IMO. When there will “complete scan with everythink” it would takes forever… 88)

If an antivirus maker requests that you cease passing their results through your distributed system, will you respect their request ?

In theory it shouldn’t happen, otherwise even Virustotal should be blocked…actually, i’m wondering what the difference is between DACS and VirusTotal…ok, I know, DACS is based on the P2P tchnology, but the final results are fairly the same: one unknown file is scanned by several scan engine at the same time, and then the server, or the network, return a safe or infected result. Btw, I’m very curious and I want to test it asap ;D

The difference is that VT paid for the licensed engines
With DACS you can scan your computer and not with VT

What lordraiden said plus the fact that VT has a size limit of 20 megs or so, where DACS, should, in theory, have a limitless size.

Also, DACS+CCS means you can know the file is a virus as well as u can clean it using CCS.

I was expecting the DACS to be a great service but nothing like this.
Just like always, Thanks and Merry Christmas.

the results are NOT owned by any AV company. How can anyone own the statement that “this file is malicious”?

Melih

VirusTotal has engines running on Servers: requires server licenses from AV companies which has certain restrictions. For example I would doubt very much if VT could have their own AV engine and use the results obtained from the Server side of their scanning for their AV.

DACS: relies on “users” result. And DACS is integrated into an AV and automatic. (eg: CIS automatically finds an unknown file, sends it and gets the result etc), with VT you have to find what is an unknown file and submit and wait for the result yourself manually. DACS is FULLY AUTOMATIC.

is there a release date ?