Development Activities for CIS. [CLOSED]

Josh, are U certain about 6 months? 88)

LA

God I don’t know ! lol :stuck_out_tongue:

Cheers,
Josh

where do I start!!! :slight_smile:

Melih

At the beginning? ;D

How about you do a “mind ramble”? :smiley:

Yeah, that’s right. The only problem is that others are able to correct such a situation after an acceptable period, i.e. a few days.

Submitted this (look at the date):
http://www.virustotal.com/nl/analisis/ca8c45a7eebb5e0c4a6f3b422040822b

Two days later:
http://novirusthanks.org/blog/?p=636

Some more examples:

  • I still have undetected samples that were submitted over a month ago (re-submitted a few weeks later).
  • On 6 December I sent 12 or 13 samples (can’t remember). 12 are still undetected.

This probably could go too off-topic if we continue this discussion :wink: Yeah, I agree with you that it does take a while for some samples to be added into the list, but they have a lot to catch up on as well as adding new samples.

I submitted a fairly “wild” piece of malware the other day to Comodo and the next update it was added into the list. They have to get their priorities right by adding the dangerous ones in first, which I think is what they are doing :-TU

Hi Grady,
Regarding your statement:

Maybe you'd prefer to look at this then; http://www.virustotal.com/analisis/b2c7929281289aaba28003cc147a0ecd

Grady, Others miss what others catch…

Yeah, that’s right. The only problem is that others are able to correct such a situation after an acceptable period, i.e. a few days.

Submitted this (look at the date):
http://www.virustotal.com/nl/analisis/ca8c45a7eebb5e0c4a6f3b422040822b

Two days later:
http://novirusthanks.org/blog/?p=636

Some more examples:

  • I still have undetected samples that were submitted over a month ago (re-submitted a few weeks later).
  • On 6 December I sent 12 or 13 samples (can’t remember). 12 are still undetected.

If you can be specific about the samples, by SHA values we can track the fate of samples.

Thanks
-umesh

Dear Friends.
Are these goodies we are promised going to be in the form of a Beta or just updates?
Thanks and Happy Christmas

How is the heuristics engine going to work? I read it was going to be like CIMAS, however, just for the heck of it, I submitted the flash plugin installer and it rated it as susp.[1] based on 5 report entries.

How is COMODO going to handle FPs with this engine? :THNK

Just curious, as I’m desperate to have the heuristics engine bundled into the AV :BNC

Thanks and happy holidays

This is everything, last day is 6 November. Anything after that date I haven’t added to the list.


The next update will be having many new components and hence it would be prudent to do a beta first…

Melih

That’s how I imagined it
Thanks.

Now that it’s almost over, can you tell us if we will still be getting a new build before end of year? thanks!

I’m still wondering about the heuristic engine. I uploaded a threat to CIMA and you can see the report
http://camas.comodo.com/cgi-bin/submit?file=a52c0ccf4f57a10fad3ce99ab9ad15c6e27b0894c726cd6ab03930ceda57d67e

It was rated as not susp but it is a threat based on like 10 different AVs.

Now this other report
http://camas.comodo.com/cgi-bin/submit?file=c98f58e4d93835b56c1b1f861ceeabec6ad0a4feea742fcff8f4003598edca14

rated the file as susp by 2 entries.

I loaded an installer (see my other post in this same page) and it rated it as susp.

My point. How does CIMA rate the threats? Based on HIPS? Behavior? How?

Again, don’t get me wrong, I use CIS in my 2 personal PCs and I recommend it and install it to my clients. Love the firewall and the D+ module and the safesurf thingy!! Anyway, all threats tested in CIMA were submitted to Melih directly! Sorry if I infect your PC Melih, hehe I bet you have CIS installed so you are all good!!! (:WIN)

(V)

One thing about all this quiet behavior is really nice, but I hope you don’t forget to keep the Paranoid option, let the end user decide to not use a whitelist (I don’t really Trust IE, and want to be alerted when something’s using it, but do trust Opera for instance). And still allow users to easily override the whitelist with their own blacklist.

Specifically I’d also like to have something where the user could choose to get an alert with recommendation, but not automatic action.

So something like:
Paranoid (traditional firewall/hips, alert on everything, user builds white/blacklist - provide suggestions)
Suspicious (Blacklist automatically, alert on whitelist still with suggestion to allow)
Normal (what you’re shooting for).

Maybe an option matrix (I like the current categories in CIS for alerting choices, but I’d want a second slider for whether to not use any comodo suggestions, use the blacklists or use both the blacklist and whitelist…

I just don’t necessarily want anyone making a choice for me on whether to allow something, but do enjoy extra info like whether the executable is benign or not…

COMODO is developing the new GUI for both advanced (power users) who want to know everything going on in their PC and for novice users who want the best security but don’t want/need to know/see everything.

:wink:

Will I need CMF after the next update?

It depends if they integrate it or not. AFAIK they are going to integrate this next release.

, what was this topic created for ? Probably announcing this sticky ? 88)
https://forums.comodo.com/overview_cis/development_activities_for_comodo_internet_security_as_of_december_2008-t31970.0.html

So yes indeed, normally CMF will be integrated in the next release and I have this strange feeling that it’s coming soon… ;D

Xan

Whenever mods get these so called “strange feelings”, you can be fairly sure that it will happen. 88)