I’m not providing details that should be self evident.
I’ll give you the reason why I made this thread. On the forums of another AV product, CAV was being attacked as being useless and terrible because it doesn’t scan things like email and web pages. I defended CAV by saying that in my opinion, CAV didn’t need to do those things within the framework of the entire suite and that it’s main function was to enhance the usability of CIS while providing basic AV protection which is all that is needed when coupled with the firewall and D+. I said that it functioned very well within the suite and it seemed to me that was the direction the developers were going with it. I got jumped on and called a Comodo drone and things like that. They said I was making excuses for the terrible product that CAV was. I made this thread to ask the developers if I was right or if they had bigger plans. So far, they have not fully answered my question but I have seen some indications that I was right in my impression of where CAV is headed and I fully support that if it is the case.
I was only looking for ammunition to defend Comodo with, not to fire at them.
What is being self evident is that you are not willing to provide details.
Though it looks that asking about what you heard on the forum of another AV would probably have you to provide some more details.
Let be it.
Nevertheless, by acting as a speech-person for other people from the beginning till now, it now appear that appropriate answer was actually something unlikely to wait for.
Hearsay can be only spread around, nobody can actually answer them even more if not detailed in a unambiguous and clear way.
IMHO It is not about ammunitions but about characteristics that can be met or not.
Once the characteristics are known/detailed the substance of the argument is defined.
I suppose you might have heard in other forum, for example, that x standalone AV got Instant messaging scanner and they see it as an important feature.
CAV has no IM scanner. That indeed is self evident. Once stated/pointed out, anybody can see if such criteria is met or not at any time (without waiting for anybody else to check that for them and rephrase it in other ways)
Indeed it is likely that those who deem an IM scanner useful would ask if CAV is going to support it. Though obviously not everybody would.
Whereas as long a person on another forum think that an IM scanner is something s/he need, s/he won’t deem any AV without it able to stand on his/her PC.
Woah! Gentlemen please. Keep it friendly, posts featuring nothing but a personal remark are not proper conduct. Let’s not get personal. Besides, I’ve got a bad cold & I’m not in a very good mood. Don’t make me come here again please. Thanks. It would be be really nice, if these types of comments “disappeared”.
“If the promised improvements to CAV come to fruition, i.e. greatly enhanced removal abilities for one, I will be very pleased, but I doubt that my position about it being used outside of the suite will change. I guess you could say my preference for it’s direction is NOT to become a standalone solution. I want it to stay as streamlined and lightweight as possible.”
I thank you are right,especially the streamlined and lightweight part.
Off topic,but the same vein,a light-virtualization software,that I considered best of breed,announced they planed to integrate a “small” Av competent into their next release,simply to check any files being committed to the disk,from within a a virtual session.
I thought,WOW!! that sounds good,I foresaw a kind “automatic right click scan”,that would go along way to solve the “all bets are off when you commit to the real system” problems of virtualization.
What really showed up? Basically the whole F-Prot program,heavy
(comparative) memory use,dodgy servers,and for me,system slow down
and Random BSOD’s.
Lightweight and streamlined is the ticket.
Asking you to detail what criteria you felt CAV did not meet would have served no purpose but having you actually explain them in your own words.
As such it supposedly appear that the “purpose of obfuscation” would have been coherently fulfilled only by your relevant answers.
Whereas just moments ago (as well) it almost looked like you was relaying something heard elsewhere (of course) searching for a reply, I even asked if there was something else you heard that could have been (at least) detailed as unambiguous and verifiable criteria and thus (finally) address the aspects you left pending.
Although it should be obvious that the questions I made and left repeatedly unanswered could only have been replied by the person who thought, felt (by now there is no doubt it was you) and created this topic.
I didn’t even ask you to explain why those criteria appeared to change later whereas MSE (or avira free) which didn’t get IM, email, webpage scanners…
…there would have been obviously no need to clarify what criteria an AV had to meet to “be able to stand alone” if you asked something the likes of “is CAV Design philosophy to reach x% or higher detection, get an IM scanner, etc, etc.?”
Sure you repeatedly claimed the “question” to be unanswered…
…no wonder as without detailing such criteria the answer you have been “waiting for” can be replied only by you yourself on each version (“self evident” I read).
And it really looks you’ll be kind enough to coherently get everybody updated without question asked and (of course) also relay relevant “hearsay” from other AV forums where you tried your best (now “well known” fact).
I will repeat this again straight from the horse’s mouth:
Where the addition of the AV may have started to lessen the amount of D+ pop ups the plans surely have changed. The change of plan makes sense because people who will use the Clean PC policy and have their computer scanned during the installation need to be sure the AV does a proper job. And according to Melih it will.
This much we know for sure.
Actually definition based solutions are falling short since a couple of years. So, none of them are good enough anyway. Hence why behaviour blocking and HIPS surfaced in the ever continuing battle against malware.
I support Comodo’s philosophy of not scanning emails in real-time to keep CIS lightweight (without reducing security). Emails are treated like archive files – Comodo’s real-time AV does not scan archives either.
However, Comodo’s philosophy is not consistent because their manual AV does scan archive files. If the manual AV is a separate executable from the real-time AV (I don’t know if Comodo does this today), then the manual AV can scan archives/emails without affecting the performance of the real-time AV.
I would like to see Comodo support email scanning with the manual AV. I am referring to the email archive, not emails as they arrive. In particular, the Thunderbird email format. The reason I favor this feature is that it allows me, as the administrator, to scan a PC weekly to make sure there aren’t any time bombs for the inexperienced user later. Also, I would rather see false positives during my scan instead of burdening the inexperienced user with them (as much as possible).
I use the Avira free AV for manual scanning instead of CIS because Avira fully supports Thunderbird email archives. When it detects, it shows the archive name, date and subject of the email with the detection. This gives me enough info to open the exact email in Thunderbird to delete it.
+1 I would also like to see this, maybe something called complete scan that scans every file on the computer and even breaks open archives to scan inside and everything. Call it a complete scan and show a pop up that it might take a very long time to do, so the person scanning knows this and are not surprised it could take hours. That way comodo does not have to build too much into the realtime scanner to slow down the system.
I did not know It is so hard to answer a simple question. The question is simple and will not change, the answers in this 8 pages growing topic are constant evasive to the question. After reading all these pages I can only conclude that Comodo has no philosophy for it’s AV because thats what is show to the readers by not answering straight forward.
The Comodo IS product seems great, the answers from Comodo staff unfortunately do not. Personally I would not run around the bush, I would stand for my product.
Real time vs On demand have two very different models…
In Realtime model, as i have mentioned many times before, we try to protect the RAM and HD… Whats the point of reading emails in that model? If its malware it will be caught either at RAM or HD level and these are the only 2 places that any code can live on (bar bios etc etc)…So in real time mode you want to keep things very minimal otherwise u will cause the system to lag…
I just tried scanning a .7z and they are scanned now. That must have been added without notification in one of the last updates.
I don’t see how pointing out what people feel are the program’s shortcomings is bad. I would think the developers would be interested in the input.
I myself know that email scanning is usually a waste of time and resources, but try telling that to people who don’t understand that and use AV programs that do have that feature.
Since Melih has said that the goal for CAV is for it to be one of the best, I guess that is as close to an answer as I will get to my question. It’s just that from the way it currently works, it seems that it is designed as a component of the complete package.
I think the most telling argument against the impotance of e-mail scanning is provided by the tech support people of companies whose products have that feature. If it seems to be causing a problem they tell you to turn it off while stating “You don;t really need it”.
What about starting to detail what would have been needed to have you claim that CAV seemed designed to “be able to stand alone”, for a change?
Indeed those would be the criteria that will have you post that CAV would not be seemingly designed to be “able to stand alone” for the time being until eventually fulfilled by a new release (if those qualifying specifics did not change meanwhile).
Since you mentioned MSE as an example of AV “able to stand alone”, by now you could have focused in detail on what you think CAV falls short compared to it.
You see, paid for providers have to justify what you pay for. So the more they charge, the more features they have to put in and tell you that you need those to justify you forking out those monies… We have the luxury of not having to “market or sell” by creating stuff that you don’t need. We provide pure top notch security!