Firewall default allow all vs normal firewall vs firewall for only untrusted

Comes from here:
https://forums.comodo.com/news-announcements-feedback-cis/is-this-going-to-change-vulnerable-by-default-t53596.0.html

What configuration should be the default one?:

Firewall default allow all: ACTUAL DEFAULT. With the default configuration all the conections are allowed so any malware, keylogger, screen capture, can receive/send information to internet even if its sandboxed or not. So you are only protected by the AV. (shouldnt be forbidden?). No rules are registered with this mode.

Normal firewall: Be asked by the firewall for trusted and untrusted and register all the rules (trusted + untrusted). By now this configuration is not avaliable if the sandbox is enable.

Firewall for only untrusted: Be asked by the firewall only for untrusted files and register all the rules (trusted + untrusted)

As you comment each choice in a subjective manner (and independently of the fact i agree that no default outbound should be allowed), what you call a poll is indeed a plebiscit, and should as such not be answered to.

Could you tell me where I lie?
Could you explain better “Firewall default allow all”? I will add it if the explanation is better than mine.

i said option 3,

i would rather have comodo not ask for trusted rules and have those apps be created automatically while untrust/unknown be asked.

Number 3.

Number 2.

I don’t want a piece of software making potentially important decisions for me.

N. 2 I too. The only one mode to use right an HIPS.

The poll is about firewall not D+.

Another survey

https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-40135239742-released-t52402.0.html;msg379181#msg379181

2) 80% (28 of 36) of my customers wich already have V4 installed didn't liked the default "Allow All" feature of the FW. They were using firewall to block some connections before. The "Remember my Rules" option should be automatic for each app (actual default behavior IF there's no rule for some app; obeying the rule if present)

Altough i use v3 and not v4, i of course agree with your inferred choice (2) (but you shall note that a lot of people go for (3)), but not with the “methodology”.

Of course, you are not deliberately a liar, but you are “lying” both by overstatement and omission.

Let’s first say that i am opposed to whatever forum polling: to have whatever signification, it would have to involve not only this forum english readers and not even all language ones, but a large enough proportion of all of Comodo’s users; if not, it is not a poll, but only lobbying, but that is another question.

Speaking of this particular poll, and being said that Comodo deliberately made as default the contested behavior (as it is with, e.g., Windows default firewall), in order for a poll to be valid, it must factually present each choice without any personnal judgement, not ask more then one question at a time, and not make in the same time the questions and the answers.

As an off-topic illustration, De Gaulle made a poll long years ago asking people if they wanted him to make the reform X…: the said reform was actually quite good, but the french people were tired of De Gaulle, and they said no.

No one can actually vote for (1) when reading you, and you hence are making not a poll but, like before, a plebiscit.

Nevertheless, the reason for which Comodo enforced this very strange behavior is because a lot of people want it: they want to use a firewall, but never for it to warn them, and to automatically allow whatever site is said to be secure (Microsoft? Hum…) or, worse, they assume to be secure (call it emule or whatever on-line game, this forum is largely documented about such “issues”).

These same people, and Comodo with them, assume that, for an outbound connexion to be initiated by malwares, you first have to have this trojan or whatever installed to your computer, and that of course firewall/defense+ is supposed to keep you from such situations.

I, myself, do not abide by a single word of this theory, but it does not keep to expose its consequences with their pro and con in a factual way, allowing what i think to be short-minded security people to do whatever they want with their p2p and games, and voting for choice (1) at their own risk.

So, how do you want to explain it?

The people wanted less popups with defense+ the firewall was not a problem, in fact the decision of make this in the firewall is totally of comodo since nobody at the begining understood why the firewall didnt “work”.

I voted (3): Firewall for only untrusted: Be asked by the firewall only for untrusted files and register all the rules (trusted + untrusted)

I would use (2) instead (3) if were possible, anyway this poll is for the default configuration.

What about the “I don’t care about defaults” option?

It looks like this poll does not account for those who configure software as they see fit without paying attention to defaults…

You and me and many others know how to configure it in order to make the firewall work, the problem is the people that dont know how to do it, they are less protected and without layer protection because the firewall do not block anything.

I think that the main problem is that comodo is vulnerable with the actual default configuration, I dont care if in a future the defult is (2) or (3) but cant not be (1)

There is no reason to omit that option and bias further a poll that can already be answered only by those subscribed to these forums (and not CIS user-base at large)

The assumption that “users aren’t able to” would seemingly make this pool moot if not for the implied exception that voters “know enough” about configuration to vote (pretty convenient way to select voters )

Now you can vote

Thanks. I have no expectation about how many will select that option so I’m curious about the outcome.

More settings that have changed from v3 to v4 giving problems:

https://forums.comodo.com/empty-t53650.0.html

That is one way to see it but even the old settings had their drawbacks though in any case “defaults” are less a solution than the users themselves (or some new feature).

I still can’t vote. I was going to vote for Firewall only for untrusted until I saw that you included making rules for trusted . I can’t go with that. That contradicts the name of the option.

I agree with you.

Just want to remind that default settings should be designed for general users. Advance users can always customize CIS to their own preferrence.