I’ve been thinking about an idea of how to further improve CIS security. I’ve observed that CIS stores its configuration in the Windows registry. A malicious program could change the CIS related registry keys to gain control over the computer. I know CIS also protects registry keys, but when a program tries to modify the registry, you normally allow it because nearly all programs need to store data in it.
To prevent this kind of attack, I think it would be safer to store CIS active rules in an encrypted file with aditional security measures.
I think it could be a great idea. Comodo Internet Securiyty, being already the best security software for free, would once again exceed all other vendors, becoming unbeatable vor a FREE top security suite.
Good brainwork :-TU
I think having CIS maintain its own configuration would also improve performance; the act of reading and writing to the registry is not that quick. It’s not really noticeable on fresh installs, but if you’ve been using your computer for more than a few months, you’ve certainly got a ton of rules, and you’ll notice that CIS’s prompts take longer and longer to commit new rules and settings–then again, taking that long, it feels like it’s committing its entire configuration to the registry every time you make a change.