The Comodo list of trusted vendors became large. It's time to have an update function.
It's a strange feeling to have a security feature that depends on a list that might be as old as the program version we are using.
And the most disturbing thing is, we don't have any idea of how old the list is.
We get virus updates because malicious authors write new stuff. Zero day is useful for them. Antivirus reacts.
Like depending on antivirus alone might be a technique from the past,
so is depending on a static trusted list. Even worse, it's like depending on an antivirus that does not get updates!
Time to change.
And this update function should be accessible for all users. Not only by using clouds or the antivirus section.
As a part of the product update.
I think Comodo isn’t even aware of previous mistakes. But this might be a result of the fact that there’s no real dialog between the devs and the community.
The last “improvement” for the TVL was removing the option for not using it.
And clockwork posted the current example of why you should not rely (solely) on the TVL - which is also an excellent example of why relying on digitally signed software is at least questionable.
Aside from all other problems with code signing and the TVL:
Adobe made the news available to the public yesterday. They wrote that they want to revoke the certificate for applications signed after July 10th. (Didn’t know that that’s even possible)
Means they have traces of abuse back to mid-July. This means potentially digitally signed and trusted malware for two and a half months.
If you find trusted malware or whitelisted malware, you just have to submit it through the forum, and if it is really bad, the vendor is removed from the TVL or the file is removed from the whitelist (cloud based).
People who are using the classic Comodo features (firewall, Defense+) only have one chance to update something.
More>check for product updates.
This comes back with the information: Your program is up to date.
UNTIL a new version is released.
Even IF the TVL gets updated with this button, the user simply does not know.
I always got semi-clear statements about the update procedure of the TVL. And it always includes “antivirus updates” and “cloud”.
That would mean that the classic users are bound to an old TVL. That cannot be intended.
The TVL is a determining part of Defense+. Why should I be forced to use a two-way cloud to update a fraction of it?
Isn't it somehow strange to “post files into the internet” each time you press on a file on your computer? I don't like that.
I would like a button to update. Or the update being part of the regular update process.