My System: win xp home / sp 3(HP Pavilion zv6000)
Using: CFP 3.0.24.368
Using: CAVS 2.0 beta 2.0.17.58
One screen shot below demonstrates nearly all of the problems that Defense+ exhibits which together make it still not ready for wide use. I agree the basic ideas seem clever and useful for people that want to become firewall/malware enthusiasts (ie, spend 20% of online time just dealing with CFP/D+) … but that’s the completely wrong direction for basic online security. Security should instead trend towards less user interaction. This app remains unusable, unless I spend 20% of my online time babying it or simply disable security features to the extend that I no longer trust that it’s actually protecting anything.
Anyways, that more design – I’m sorry to say v3 is way off the mark in all design/user-interaction categories.
Now the bugs:
-
Defense+ doesn’t learn according to how the Help file describes the D+ Security Levels. I am in “Safe Mode” which promises: “Every action of the safe executable files are learnt”. NOT TRUE! D+ learns almost nothing, and creates multiple, redundant entries in the security policy with different “predefined policies” than I’ve previously specified (again, constant need for babying). See, eg, the redundant Firefox entries. Winzip continues to have no access no matter how often I declare it a trusted app – D+ somehow, like “javaw.exe”, reverts it to “Custom policy” and asks about every little thing.
-
Same with my years old text editor UEdit32. What does this ALERT mean anyways: “… is about to modify the contents of C:\WINDOWS\system32.…” a protected file/directory. NOT TRUE! I’ve said “Remember” & “OK” to this same ALERT repeatedly, declared UEDIT32 a trusted app repeatedly, and still it can’t do anything with D+ in “Safe Mode” – The Alert is the screen shot below should not appear when UEDIT32 already has this access permission.
Then I’ve gone to the Windows directory to check if UEDIT32 actually modified these system files. NO IT DIDN’T. What could this common message possibly mean?
- CFP & CAVS don’t recognize their own (Comodo’s software) maybe not such a problem with CAVS/HIPS, which should be cautious, but declaring Comodo a “trusted software vendor” to D+ does nothing, no help – are Comodo not even using the software attributes they designed, not signing their own security software?!
Together, this was such an incredibly frustrating and annoying problem with Comodo’s own BOC426.exe app, that I had to uninstall this BOC utility in order to avoid an ongoing conversation with it that was like having a six-year old in the room while I’m trying to work (“Hey, what’s this? Is this yours? Do you know about this? I like this. Is this mine? …”). Ahh!
- D+ still doesn’t recognize Win short pathname, creating multiple entries with conflicting access rights (see C:\PROGRA~\Mozilla versus C:\Program Files\Mozilla)
I’d love to use CFP/CAVS/BOC at a reliable security level, but at least CFP v3 simply remains too buggy even 6 months after initial release. That experience was so disappointing that I stayed far away for six months.
Looks like I’ll have to give it another six months.
[attachment deleted by admin]