How to improve CIS functionality

I have used Comodo products since CF v2 and needless to say that I like Comodo products. In that respect I would like to formulate my own opinion on how to improve CIS functionality.

One of the best features of CIS is the parental control features. I do think the term parental control does the concept justice. The reason I say this is that parental control does more than the eye can see. It allows my mother as well as my father to protect their PCs without any cries and tears. My parents came from the industrial age it was very difficult for them to migrate to the Internet era let alone for them to deal with pop-ups from D+.

To me the parental control feature is like their savior and my peace of mind. Imagine getting a call while you driving from mom or dad just to tell you that “D+ gave me a warning what shall I do? “

Now having explained what the parental control feature in CIS has done for me as well as for my parents I think I should now proceed in explaining how it could be improved. My only problem with D+ is the update of trusted software. I used Secunia Personal in order to make sure that all my installed software are up-to-date. Consequently, when I tried to update Flash player, Firefox, and Zone Alarm ForceField, all the updated files even though they are all signed CIS still asked me to review them; every single time I put them all in my safe files and CIS, with the parental control on, still asked me for my review.

With respect to Windows update and I’m using Windows Vista x64 home premium, CIS did not allow any update whatsoever, even when the update was not critical. CIS simply did not allow any update with parental control when I attempted to put all the updated files in my safe files. What I would like Comodo to do is to provide parental control in two steps. The first one should allow user to update trusted software or signed executables and the second choice should stay the way it is today with no update whatsoever, almost in a lockdown state.

The good news in all of this is that I did not have any half installed or half updated software. Nonetheless, in fairness to Comodo, I just realized today that Microsoft sometimes does not always sign its executables when it comes to Windows update. I read the following from F-Secure Blog:

“In the last couple of hours, we had a false alarm on a Windows XP system file called wmiprvse.exe
(md5:798A9E6828997EEF4517ADA8A2259831).

This file was updated by Windows updates earlier this year. Though the executable is not signed by Microsoft, it is indeed a clean file.

The file may appear on your system in the following locations:

• C:\WINDOWS\system32\wbem\wmiprvse.exe
• C:\WINDOWS\system32\dllcache\wmiprvse.exe
• C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3_ctc\SP3GDR\wmiprvse.exe

We have fixed the false alarm and apologize for any inconvenience.

Fix is included in the database release 2009-04-20_02.”

As it can be seen some update failure could be the result of Microsoft own doing.
Now in terms of false positive, I would like to report that I scan my computer every night and my parents once a week and I would like to report that I have yet to find one. At the very beginning when I was using CIS v3.5 and v3.8 I used to have quite a few, especially when it comes to my portable software (portableapps.com). CIS used to detect as malware all of my portable apps, but not anymore. Comodo staff has really outdone themselves in order to drastically reduce the number of false positives.

In the end I would like to conclude with the following quotation: “Hatez-vous lentement; et, sans perdre courage, Vingt fois sur le metier remettez votre ouvrage; i.e Hasten slowly, and without losing heart, put your work twenty times upon the anvil.” — Nicolas Boileau-Despréaux also known as Boileau.

In other words keep polishing CIS and in the end Comodo will have a product close to perfection. I said close to perfection since no human product can ever be one hundred percent perfect. May God bless Comodo staff.

Peace. :a0

There is already a topic about using parental controls with zero pop ups: https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/configuring_cis_for_maximum_security_with_zero_alerts-t37233.0.html .

I gather the point of his discussion was not the popups, but rather the ability (or lack thereof) to update from a trusted vendor while in Parent mode. At the same time, though, I see this as a difficult fix, as how is CIS supposed to know what is coming down the wire is a valid update from a trusted vendor? I can confirm not all updates are signed.