Instead of new products, how about improving existing ones? [locked]

Dear folks,

please see this as constructive criticism, not bashing.
But how do you want to attract a broad range of users if your products are not mature?
I dumped paid AVG 8 (18 paid months left) yesterday and installed Commodo FW, BO and AV.

But how comes the products do not even know (and trust) each other? The firewall asks me what the hell “CavSn.exe” is and if it should be allowed to create a log file for scanning.
AV asks me, if it was OK to start FW components or well known WinXP (SP3 enu) components like userinit.exe.

This is a denial of service. You bomb the user with *****ic questions until he switches off this protection.

What I am trying to say: One cannot know the last tiniest software. But AT LEAST your own software/processes should be known and trusted, as well as current Windows executables and common software. Otherwise people will uninstall your software again because it bugs too much.

HTH, and R.I.P…

P.S. Just whilst writing these lines Defense+ asks me what I want to do about “CavSn.exe is trying to create a new file or directory” because it found a “virus” and tries to move it to quarantine. Well, that is ridiculous!
BTW a button to say “I trust this app, do not ask again” is missing too. It just asks again for another “virus” to move to quarantine - though I checked the ‘Remember my answer’ box the last time. Apparantly it remembered my answer to allow to create “fileA.exe” but that does not apply to “fileB.exe” to be created…

…sad to say but it continues…
An AV scan found 22 objects it quarantined - all of them (except EICAR) no viruses:

2 files that are part of BartPE and are virus scanners of competitors → IMHO it is very bad behavior to qualify rivals as infected
BartPE\Programs\avk\avkstarter.exe → completely clean*
BartPE\Programs\bitdefender\bdstarter.exe → completely clean*

19 files that are “unwanted software” such as password revealer or just plain VNC!
Folks, this is not an enterprise environment where the admin might not want me to have these. This is my computer and I intentionally have this software.

But back to usability: I cannot restore the items from quarantine, because OnAcces scanner blocks. Wouldn’t a mature product either automatically exclude files I decide are okay (decision by restoring them) or at least offer to exclude by context menu? Why do I have to wade 22 times through the directory tree to select all these files manually?

Please, improve the products usability.

R.I.P.

  • scanned with latest versions of A-Squared, AntiVir, ArcaVir, Avast, AVG Antivirus, BitDefender, CPsecure, Dr.Web, F-Prot Antivirus, F-Secure Anti-Virus, Fortinet, Ikarus, Kaspersky Anti-Virus, NOD32, Norman Virus Control,
    Panda Antivirus, Sophos Antivirus, VirusBuster and VBA32

Our AV is not where we want it to be yet.
There is a continous improvement on it.
for it to be a world leader, it will take time. Sometime in 2009 (fingers crossed :slight_smile: ), we will start challenging the AV leaders. Until then its a continous process of improvements.

Keep helping us!

thanks
Melih

The behaviour you described is triggered by D+ Safe or D+ Paranoid Modes
You can consider to switch D+ to CleanPC mode for a couple of days and run few apps to train the HIPS.

Please post any question related to CFP to Help for v3 board

Dear gibran,

that was not a requst for help but expression of annoiance. If not even Comodo products know and trust each other then it produces a DOS by bombing you with (useless) requests for decisions.

R.I.P.

…just look for instance at https://forums.comodo.com/help_for_comodo_antivirus/how_to_disable_detectiion_of_notavirus_items-t28000.0.html to see what I mean.
You have so many issues with the existing products that bundeling your forces to solve these and to do one thing right was better than splitting the forces up to do three things a bit.

R.I.P.

Wait a second,

that product is a beta which means it’s still under development. Have you seen how quickly the CIS beta’s came after each other ? Have you seen them fix most of the bugs ?

Well they did, and except for Opera, I don’t know any other company that respons so fast

Xan

yeah, Xan,

I guess all the products are permanent BETAs :-
It’s some kind of strategy to explain everything.
See CAV2 BETA which will soon be followed by CAV3 BETA, without ever seeing a 2 FINAL. I bet.

R.I.P.

CAVS2 as you said already in the other topic ( ;)) will indeed never come out of beta for the following reason :

Comodo was NEVER happy with that version. It used lot’s of recources, the detection was bad and there were a lot of bugs. That why it never came out of beta, there is no other reason !

Xan

well, that makes us two who are unhappy ;D

hehe :wink:

Have you tried the new CAVS 3 already ?

Xan

…just downloading COMODO Internet Security 3.5.52764.414 RC1
But that’s OT in this thread.

I really liked Comodo got the idea of doing one thing right instead of 3 …

Great ! :slight_smile:

What about posting back your thoughts about CAVS 3 and if they’re positive we can close this thread with a positive note (:s*)

Xan

Xan,

I am so sorry. Do not take my approach to “see” only the bad as a negative one. I am (hopefully) an IT Pro, trained to see what does NOT work as it should.
I just installed CIS 40 minutes ago and out of the stand I have SO many things to complain about!

First off the good ones:

  • it reallly takes less resources
  • it seemes to leave VNC and RAdmin allone

BUT:

  • the firewall component “forgot” ALL it’s settings (had CFP 3.0.12.266 before) during upgrade!

  • Firewall does NOT make FIRST an net audit to know “what is LAN, what is Internet”

  • I understand that as CFP does NOT allow any difference to LAN access vs. WAN access

  • Firewall missing setting “allow Access to zone x ONLY”

  • Firewall zones editor missing editor for zones type (home, company…)

  • Firewall: Advanced: Alert Settings: “This computer is an ICS Server” is enabled by default

  • Firewall: Advanced: Alert Settings: “enable lerts for Loopback requests” is enabled by default

  • Firewall: Multicast addresses are seen as Internet addresses

  • CAV: Settings: Real Time Scanning: “Automatically update VirusDB before scanning” does NOT make ANY sense in REALTIME scanning!

So, Xan, what are Comodos excuses, except that the software is free and beta?
I have a usual question, asked many software vendors: Do these developers NOT use their own software? If they did and if they were normal human beings how comes it is SO far from what is needed?

I am seriously sorry to have no better report, Xan. But it backs up my “do one thing right”-theory.
How could or would I trust a company that produces such software? And that’s the biggest point in the “it’s free”-discussion: Having seen these weak free products I would NEVER invest money in paid products of this company.
This is unfair as so many others deliver bad work too, but that’s how I feel.

R.I.P.

P.S. I was VERY interested in Melih’s point of view.
You’re the CEO. Are you really happy with what your company delivers?

You have such a bright, social idea! But how much does that help if it’s so poorly “implemented”?

Thank you.

First of all, I’m happy you tried it.
Second, reporting the good things wouldn’t make sence so it’s normal you focuse on the ‘to do’ list :).

- the firewall component "forgot" ALL it's settings (had CFP 3.0.12.266 before) during upgrade!
Did you back-up the settings from CFP first ? (miscellaneous --> manage my configurations --> export ; later import them again ?)
- Firewall does NOT make FIRST an net audit to know "what is LAN, what is Internet" - I understand that as CFP does NOT allow any difference to LAN access vs. WAN access - Firewall zones editor missing editor for zones type (home, company...)
True, you can put this on [url=https://forums.comodo.com/beta_corner_cis/comodo_internet_security_beta_wishlist-t26998.0.html]the wishlist[/url] however. But I actually don't see the need for it...
- Firewall missing setting "allow Access to zone x ONLY"
Go to : Firewall --> advanced --> Network security policy --> edit then you can choose which ports you would like the program to have
- Firewall: Advanced: Alert Settings: "This computer is an ICS Server" is enabled by default - Firewall: Advanced: Alert Settings: "enable lerts for Loopback requests" is enabled by default
What's the problem with that ? It just gives higher security and you get almost no alerts, so ?
- CAV: Settings: Real Time Scanning: "Automatically update VirusDB before scanning" does NOT make ANY sense in REALTIME scanning!
88) There you have a point, if it needs to update every single thing it will scan in realtime, we'll get a lot of update traffic ;D But this is just a GUI problem, nothing serious
- Firewall: Multicast addresses are seen as Internet addresses
Errr... you were saying :-X , I don't know what you mean so, I can't help you with that... perhaps you can ask why they do that in the [url=https://forums.comodo.com/beta_corner_cis/comodo_internet_security_35_beta_questions_and_answers-t27001.0.html;msg197059#msg197059]CIS questions and answers[/url]

For some reason, I don’t feel right saying that everything is bad. It has some flaws indeed, but look at what you said, are they really such a problem ?

Regards (and waiting for your reply of course :))

Xan

[color=red]At the other moderators, please do not merge/move just yet…

Dear Xan,

I am not as sophisticated as you. Please excuse I am not taking the time (as you did) to natively “quote and reply”.

Did you back-up the settings from CFP first ?
NO, Xan. I am a bleeding stupid user (I do not pretend to be. I am.). How would I know about it if C. did not tell me?

True, you can put this on the wishlist however. But I actually don’t see the need for it…
Xan?! How con you “not see” the difference in trusting an application to access the LAN and accessing the internet???
This is one of my most important criticims on C. Firewall!
(Almost) any app is safe on LAN (even a bot!).

Go to : Firewall → advanced → Network security policy → edit
That’s not available in 3.5.52764.414.
Again, I am not playing stupid. It is just not available in 3.5.52764.414.

What’s the problem with that ?
it’s simply wrong on 9x% of all computers. I don’t know which behaviour it triggers. It is simply wrong.

Multicast vs. Unicast: Xan, this is essential networking.
Iif (I sincerely do not know it) multicasting does not (today) produce a thread I would not want to be warned about it.

Thank you and your fellows for the time you take to maintain this forum.
Really.

R.I.P.

NO, Xan. I am a bleeding stupid user (I do not pretend to be. I am.). How would I know about it if C. did not tell me?
Good question, it would be nice if CFP/CIS asked you while uninstalling (wishlist, hint hint ;))
Xan?! How con you "not see" the difference in trusting an application to access the LAN and accessing the internet?? This is one of my most important criticims on C. Firewall! (Almost) any app is safe on LAN (even a bot!).
Because, I'm like you but I'm willing to learn and that's what I do ;D :-[
I am a bleeding stupid user (I do not pretend to be. I am.)
That's not available in 3.5.52764.414. Again, I am not playing stupid. It is just not available in 3.5.52764.414.
Try taking a look at the attached pictures, I hope it was what you were talking about
it's simply wrong on 9x% of all computers. I don't know which behaviour it triggers. It is simply wrong.
Just a funny thing, first users were complaining that CIS standard defense was set lower than CFP and now you ... :) You can change it to disabled if you want, but the security is just that bit higher :)
Multicast vs. Unicast: Xan, this is essential networking. Iif (I sincerely do not know it) multicasting does not (today) produce a thread I would not want to be warned about it.
And if you set the alert trigger lower ? Firewall --> advanced --> Firewall Behavior settings --> alert settings

Well, I hope I could clear some points out again :slight_smile:

Xan

[attachment deleted by admin]

Rest in peace CIS/CFP may have a different design but it allow to do the same things you posted about.

Regarding the config lost it will only happen with 3.0.12 and 3.0.13. That’s why automatic updates were disabled for these versions

Automatic updates for versions 3.0.12.266 and 3.0.13.268 are not available;

Those versions are way old and may even date to 10 months ago.
Post 3.0.13 Updates will not remove existing configs even with CIS beta.

The remark about LAN/internet traffic paradigm hint to a simplified rule representation that is used in a 3rd party firewall.
Such paradigm cannot supersede a full ruleset implementation and it will only be useful as an optional wizard.

Regardless of the distinctions between unincast, broadcast, multicast traffic I guess one thing that could be possibly bundled by default would be a LAN and LAN & outgoing predefined policy.

Once an appropriate predefined policy is in place it doesn’t really matter If the firewall provide a setting to ignore such traffic besides IIRC it would be possible to use an ALL application (*) policy in the firewall ruleset too thus restricting the alerts displayed.

CIS/CFP already detect new NIC interfaces and add them to Network Zones.
It is possible to block a specific Zone easily using Blocked network zones without having to create a specific rule.

Apart from creating an Internet zone in Network zones there is no way to tell if a nic is needed for internet connections or not besides it’s up to the user to decide if a nic should be trusted or not regadless of internet connections.

AFAIK the feature you asked for in that topic is not implemented in many other AVs even tough the exclusion list allow to prevent scanning of potentially unwanted apps.

Sure such a feature would be useful that’s why I posted a whishlist even before you created that topic.