How the Trusted Vendors List needs an OBVIOUS update function (actual case)

The comodo list of trusted vendors became large. Its time to have an update function.
Its a strange feeling to have a security feature that depends on a list that might be as old as the program version we are using.
And the most disturbing is, we dont have any idea of how old the list is.

We get virus updates because malicious authors write new stuff. Zero day is usefull for them. Antivirus reacts.
Like depending on antivirus alone might be a technic from the past,
so is depending on a static trusted list. Even more worse, its like depending on an antivirus that does not get updates!
Time to change.

And this update function should be accessable for all users. Not only by using clouds or antivirus section.
As a part of the product update.

I think Comodo has learned something from its previous mistakes plus I’m pretty sure that you can rely on TVL with no security risk(s).

I think Comodo isn’t even aware of previous mistakes. But this might be a result of the fact, that there’s no real dialog between the devs and the community.
The last “improvement” for the TVL was removing the option for not using it.
And clockwork posted the current example, why you should not rely (solely) on the TVL - which is also an excellent example, why relying on digitally signed software is at least questionable.

I guess the TVL gets the update on the required basis, right?

Like something wrong they found, posted here, posted on the internet, any info, etc…

The TVL is updated regularly. New vendors are added regularly and, if necessary, older ones are removed if they are no longer trustworthy enough to remain in the TVL.

Aside all other problems with code signing and the TVL:
Adobe made the news available for the public, yesterday. They wrote, that they want to revoke the certificate for applications signed after July, 10th. (Didn’t know that that’s even possible)
Means they have traces of abuse back to mid of July. This means potentially digitally signed and trusted malware for two and a half months.

What do you mean with regularly? At least for adding new vendors the documentation states (at the bottom):

Our technicians check whether:

The software is signed with a valid code signing certificate from a trusted CA;

The software does not contain any threats that harm a user’s PC;

before adding it to the default Trusted Vendor list of the next release of CIS.

This means entries are added only with a new release!? (Which is some kind of regularly)

But the documentation also still states, that there’s an option to disable the TVL, I would be intrested in an up to date version :slight_smile:

I believe that has changed with the newer releases. It is now updated regularly and the cloud really does most of the work.

Also, V6 will have an option to disable using the TVL.

If you find a trusted malware or a whitelisted malware you just have to submit it throught forum and if it is really bad vendor is removed from TVL or files is removed from the whitelist (cloud based).

People who are using the classic comodo features (firewall, defense+) only have one chance to update something.
More>check for product updates.
This comes back with the information: Your program is up to date.
UNTIL a new version is released.

Even IF the TVL gets updated with this button, the user simply does not know.
I got allways semi-clear statements about the update procedure of the TVL. And allways it includes “antivirus updates” and “cloud”.
That would mean that the classic users are bound to an old TVL. That can not be intended.

Comodo checks local and cloud TVL so unless you have turned off cloud component, you are up-to-date with the latest TVL edition.

The TVL is a determining part of defense+. Why should i have to be forced to use a two way cloud to update a fraction of it?
Isnt it somehow strange to “post files into the internet” each time you press on a file on your computer? I dont like that.
I would like a button to update. Or the update being part of the regular update process.