I understand that you are implying you represent the great majority of people and guessing the vast majority of cases.
But this is not sufficient.
Your understanding is totally wrong . It was sufficient for me in 100% of cases for 10 years of using Symantec products so I’m understating it if anything.
Thanks for the clarification whereas you now stated no more than your individual opinion whereas previously it looked like it was the great majority of people viewpoint.
Despite being a previous user of that product I parted from it years ago since it caused a great performance hit on my PC.
Despite I don’t recall to have been infected while using NAV I remember a friend of mine who using the same product found out about an active infection only after he noticed that NAV was being crashed by a Trojan (indeed he was lucky).
Anyhow after I left NAV for good I’ve never had a reason to turn back.
I added to that post but, my point is that yes, Comodo offers a greater degree of security but at a price in usability that many people would be unwilling to pay. It definitely does give too many popups. If I were to install it on anyone else’s system, I would leave it at installation defaults for everything and tell them to leave it that way. Many people would even find that configuration too nagging and chatty.
Comodo Internet Security (CIS) is currently a great product, but Comodo still has not reached all of its goals for CIS. So, CIS is still in its development phase. Part of the next phase of development is major usability improvements. While I agree that CIS is currently not intuitive enough for everybody and lacks the “set and forget” functionality, I expect improvements in the near future that will make CIS more intuitive, less intrusive, and easy enough even for the novice.
CIS has intrusive pop ups when I used certain settings. It never made sense to me that one must adjust the security settings to reduce the pop ups. Stronger security should not necesarily mean more pop ups. Many of the usability suggestions that have been made (which will hopefully be incorporated into the next major CIS release) should allow users to set strong security through an intuitive interface without intrusive warnings. Hopefully, the “pop up” issue raised by the original poster will be a mute point when CIS 4 is released.
That is what I am hoping too. I like CIS and intend to keep using it while also providing what I hope is constructive criticism and input as to the improvements I think should be made.
While CIS is continually developed and thus improvement are to be expected, whereas it is likely a moot point to argue about intuitive for everybody as this imply something like innate knowledge.
Because there is no innate knowledge about Computers and ever more about computer security.
Although many confirmed that CIS can be considered “set” and forget, I guess many could still wish for the “install and forget” that years of Default Allow apparently carved in stone despite the risks, whereas at most only the “forget” part is commonly passed along.
Stronger security do not mean the users don’t have to be involved either. Undoubtedly compliance is fundamental whereas any software if used improperly could only provide a false sense of security.
Besides “novices” it is not supposed to be a permanent long lasting condition whenever baseline features could be appropriate at the beginning.
Although it is possible to improve security over a baseline Default Allow approach, intelligent behavior blockers are still meant like AV companions whereas they provide an increase in security but reducing popups mean to set a cut-off to identify somewhat “blatant” malware (and let slip the rest).
Despite white and black lists could provide a different impression there are plenty of potentially malicious behaviors also used by legitimate apps (wherever is undetermined if these would have been actually needed).
Eg: if a Trojan downloader is usually an invisible app that download something from internet. This behavior by itself cannot be strictly considered malicious whereas application the likes googleupdater.exe do the same.
Even the usually deprecated UAC was meant to address the current situation whereas Vista’s UAC security prompt was designed to annoy you
it encourages developers to design their software such that privilege elevations aren't needed in the first place. The latter is really the point of UAC, since users have absolutely zero control over the privilege requests their applications make (other than to chose not to install said apps).
In many cases the differences between legitimate apps and malicious ones are pretty subtle and often it is not unlikely to be related to the subjective user viewpoints.
blah blah blah blah …on and on and on. If you can’t stand the heat get out of the kitchen. If you don’t like CIS then use something. I am setup on Anti virus Security level = On Access …Fire Wall Security Level = Safe Mode …Defense+Security Level = Safe Mode and I dont’ have all the “popup” problems noted above. I have been using Comodo firewall for few yrs now when it was just a firewall along with either avast or antivir along with boclean and they all worked well together. Now that anti virus is combined with the firewall in Comodo , I no longer use avast or antivir although both are great programs. My point is Comodo is a great program and on top of it all it’s free. And if anyone doesn’t like it then they should move on to something else and stop all the complaining post after post. Oh yes…am an old guy too. 66 to be exact.
CIS has 3 main parts:
(1) AV
(2) Firewall
(3) Defense+
The only thing which is making the AV difficult to use is the high rate of false positive, once they solve this issue, the AV should be fine.
When you set the firewall to safe mode, it becomes very easy to use. It will only pop up for new applications and you also have threatcast to help. Perhaps it could be improved by making it automatically blocking bad stuffs eg malware which the AV detects.
The big problem is Defense+…This is no doubt the strength of CIS but it is also the most difficult part to use. Of course if you use CIS with its default configuration and set Defense+ on Clean PC mode, you will not receive many pop ups. The real difficulty happens when you have to install new apps, it has often been suggested to switch to installation mode to do the setup process without pop ups. This is fine as long as you know that the file is safe, but tell me honestly if you are on facebook and you are told to download some stuffs to get free games for eg, now Defense+ pops up in the installation, how would you know whether it is safe or not. The security software must automatically do it for you. If I knew that the new game was not safe, I would not have installed it.
Please there is no need to tell me to stop using CIS if I do not like it.
Comodo is providing a free product and it would be a real waste if people could not take advantage of it because of its usability. So for me Comodo should come up with a solution where the software will pop up only for real threats.
Good luck.
Default Deny approach is focused on security critical actions which in turn display color coded severity ratings along with security considerations.
Any unknown application which do not carry such security critical actions will not trigger any alert. Whereas the security consideration explicitly points out blatantly malicious action as Malware actions (AFAIK it is a subset of High severity red alerts).
Nevertheless if the application is safelisted there will be no alert.
Tell me if you had any “Default Allow” AV and someone would tell you to download some stuff and install something on a social network would you do so confiding that the AV will undoubtedly and automatically protect you if the application is malicious?
Whenever Default allow seemingly provide the perception of a secure “install and forget” environment anybody under this perception will not be wary of potentially risky scenarios like Social networks (Malware most potent on social networks) and could neglect an active individual participation to one own security.
IMO what is left after many years of default allow approaches is the unwavering perception that users had no part in their security whenever this seemingly was a side effect of blacklisting (indeed detection of thousands of malicious signatures against an application would be a task only a security application could carry).
And along with that the feeling that completely unmanned total (sure-strike detection) security has come to be represented as something that has been there all along.
Indeed as DA would allow everything it could not detect, users installing only Safe applications would not have to carry any additional action and seemingly not needing any AV.
Hi thanks for the reply.
Things like the color coded severity ratings do make CIS easier to use but more has to be done and hopefully we’ll see the improvements in v4.
The traditional blacklisting approach is flawed because it is providing a false sense of security and many people have been infected though they have paid for security software, but is the white listing approach the ideal solution? There has been several discussion about blacklisting vs white listing approach and the proponents for white listing claimed that there are more good stuffs than bad stuffs and it is easier to find them, but what is Comodo doing? Their aim is to get 30 min updates for the AV(blacklisting) and no one is talking about frequent updates for the white list. Can Comodo give frequent updates for both the black list and white list? If yes, then there is no problem Comodo will become very powerful and usable.
Tell me if you had any “Default Allow” AV and someone would tell you to download some stuff and install something on a social network would you do so confiding that the AV will undoubtedly and automatically protect you if the application is malicious?
This is not about me but about most people whom I know. They are all currently using an AV paid or free and Windows Firewall, do you think it is easy for them to switch to Comodo? Not at all, what I am saying is that the other AVs are innovating with cloud technology, behaviour blockers etc because they know that their products are not secure enough, Comodo has started with a powerful classical HIPS(Defense+) and now it has to make use of technology to make it easier to use and maintain the high level of security.
Look at the progress of Kaspersky at matousec, this shows that they are working and they are still very usable. However I do not think that any company has been able to do as much as Comodo has done in less than a year, so I remain confident that Comodo will succeed in its objective.
Thanks.
If blacklisting is flawed and whitelisting isn’t the ideal solution, there are no black and white answers and all that is left is shades of graylisting.
There are two computers here on one router. Mine currently has CIS installed, the other one has Norton AV 2009 and the XP firewall. My ladyfriend (the other computer’s owner), is comfortable with what she has and she is not computer literate at all. I have to tell her every time how to shut something down that has hung up and sometimes even how to get to the control panel. If I were to install the Comodo firewall only on her system, I know for a fact that she would be screaming at me within 60 seconds to get rid of it. She goes to all the free games sites and is constantly downloading and installing new stuff. Amazingly she very rarely gets any malware on her system. I scan it periodically with Malwarebytes and SAS and as I said, very rarely find anything. What I do find is relatively harmless stuff. While I am able (with my admittedly only average level of computer savvy) to cope with CIS and it’s quirks and necessary interaction, she would find it totally unacceptable. We are both 61 years old and you get comfortable with what you know, her much more than me. I actually like trying new software which is part of the reason that I came to Comodo from Norton even though I was totally satisfied with NIS 2009 and never in my 10 years of using Symantec products encountered any problems, including the mythical performance impact.
Ok since with every release Comodo are reducing the pop ups and they are planning to improve the usability further in v4, I find no need for this thread anymore.
Thanks.
Bye
Oh well your personal experiences are obviously a fact but instead of classing previous performance issues of NIS as mythical I guess you could have pointed out that NIS was specifically improved in this regard whereas it was previosly a top scorer in What Really Slows Windows Down
Nevertheless despite you obviously willing to appreciate NIS, I guess nobody can actually count each user understanding to remain unchanged for a lifetime nor I guess anybody would be willing to assume that computers could be considered intuitive and are supposed to present only concepts that leverage on innate knowledge.
CIS can actually be used in different ways and thus can cope with a fairly different type of users, though this do not mean it can provide an unlimited adaptability whereas high degree of adaptability is supposedly a property of human beings.
Compliance is indeed an important factor whereas lack of thereof is not always due to inability but more often is caused by a more or less evident prejudicial aversion
whitelisting and blacklisting would seemingly be ideal solution in theory, in practice whitelisting presents the same constraints as blacklisting.
IMHO BL and WL could be considered a complementary approach whereas indeed software behaviors actually come in shades of gray.
Whenever legitimate applications could be possibly designed to not unnecessarily lean on the dark side of the spectrum there is no apparent consensus on that but indeed Microsoft attempted to address this in a roundabout way with UAC implicitly encouraging “developers to design their software such that privilege elevations aren’t needed in the first place”
I would like to see CIS 4.0 having a choice between being installed “out of the box”, that is: install and forget about it; and the regular installation as we have now, for those of us who like to play about with settings.
The choice could be made during install, like when choosing AV, FW or both; and should be reversible, again as we do now if we decide to have the AV installed after all.
The advantage would be to have Comodo reaching all those below average users that get frightened away by our beloved Defense+ pop-ups.
Can you imagine the thousands of new users we would bring to the Comodo community?
Would it be too difficult, technicaly?
No. It would not be difficult.
Kaspersky did it with their 2010 version.
A HIPS can and should be user friendly for those who want.
A lot of those results are focused on Boot delay which I couldn’t care less about. All apps that load at boot time slow down the process. I’m only talking about perceived performance hits during use after initial boot and I notice no perceptible difference between CIS and any version of Norton in that regard although I will say that the system does seem to boot up slightly faster. However, this is definitely OT here so I’ll stick to the popup issues from now on while still using Norton as an example to move towards in that regard only.
Whenever you couldn’t care less about that and you feel inclined to make CIS more NIS like and consider the results of preliminary evaluation on the upcoming NIS 2010 behavior blocker which let slip though on 20% of malicious samples excellent.
You also were not interested in the matousec “not recommended” results of NIS 2009 and stated that CLT leaktest were specifically designed to promote Comodo.
But you still wish to pose NIS as an example and represent CIS as requiring too much effort, is that correct?