Comodo apps should be learned automatically due to Trust applications digitally signed by Trusted Software Vendors besides even if a trust application button is not available there is Treat as option that is even more flexible.
Dear gibran,
yes, “you saw it first”.
I never wanted the honor to be “the one” who found out whatever. I also used search before posting the not-a-virus - issue. I have only effort to point that out, no use. So you do not need to point ME to your other posts. Point Melih to them, that woud help so much people!
I just tried to explain myself and what I think a simple user would like to have.
Regarding the networks (LAN, WAN, Unicast): This IS essential. One does not need a firewall if it does not distinguish between localhost, LAN and WAN.
Again: It’s NOT about what an IT Pro needed but the broad user base. EVERY LAN behaviour is (almost always) OK, every WAN behavior NOT.
R.I.P.
Those are not really major and could be implemented easy just put them in the wish list.
casualgamer,
I won’t call you any names.
But saying “it” (not being able to distinguish between LAN and WAN traffi) was “not major” disqualifies you totall…
I guess you are “the satisfied C. user”.
R.I.P.
Sorry I don’t think that my viewpoints are to be regarded with an higher priority than other members wish so I try to submit feedback in the appropriate places like it is obvious to guess from that post too.
Since CIS is undergoing its betatesting phase IMHO it could prove useful for any user to help test the product and submit feture suggestions in CIS beta corner board.
Hoping that some of them won’t take that chance to post unconstructive criticism.
Yep, I guess nobody could think that you were going to express something different than your own viewpoint even if somewhat you stated that as something every user need.
IMHO the LAN WAN paradigm you presented it’s an oversimplification of a real firewall purpose due to the restricted span of the effective rules enforced it could only implemented as an optional wizard.
Adding a couple of predefined rules and a couple of predefined zones to the bundled configuration will be able to mimic that oversimplyfied paradigm with the current full firewall implementation.
In fact having a dialog to choose what zone a specific app could access it would be no different than assigning a predefined policy using a treat as option.
Gibran,
I (try to) live the pareto principle. 20% effort gain 80% result.
Sure it was great to have a freely configurable firewall like iptables. But that would NOT help the average user.
We talk about a product for a broad user base. To differ between LAN (allow all) and WAN (ask) would be a HUGE gain over todays “always ask and give the user the choice to have an app inoperable or phone home”
R.I.P.
BTW: Your opinion IS more valuable than the ones of newbies like me. You committed time and energy to C. and proved to be a “friend”.
I just want to support R.I.P. in that way that I also think that setting up CFP is too complicated for the average user of the (hopefully) broad user base which consists of vastly more non tech-savvy people than gurus.
I know computer science students that ditched CFP due to its complexity using it.
When i said those are not major i meant it would be easy for comodo to add them into the program not that they were not important.
Yep that is what predefined policies allow users to do.
It is obvious that those policies are not bundled in current releases but this doesn’t mean they will never be nor that CFP is missing an important feature.
Bundling an appropriate set of predefined policy will prevent many user to create them manually and will make possible to easily restrict traffic only to LAN or allow unrestricted access or anything meaningful.
Adding a wizard to present an alternate paradigm would prove an useful too but in the end it’s only a tool to create an appropriate set of standard rules.
There are many users out there I’m unable to assume that all of them would be willing to stick with a WAN/LAN paradigm lifetime.
I may be wrong but I’m more inclined to assume that if they aknowledge that there is something more they could choose to take their time to learn it.
If so a predefined policy can be used in a simple way but it can also be reviewed to learn what rules are enforced when the user is willing to make that effort.
Dear gilran,
I do sincerely NOT understand why you try to block a useful development of CFP by asking features NO PFW (personal fire wall) has to offer.
“It is obvious that those policies are not bundled in current releases but this doesn’t mean they will never be nor that CFP is missing an important feature.”
CFP IS missing a VERY important feature if it is not able to distinguish between LAN and WAN traffic!
“Bundling an appropriate set of predefined policy will prevent many user to create them manually and will make possible to easily restrict traffic only to LAN or allow unrestricted access or anything meaningful.”
Full ACK!
“Adding a wizard to present an alternate paradigm would prove an useful too but in the end it’s only a tool to create an appropriate set of standard rules.”
Full ACK!
“There are many users out there I’m unable to assume that all of them would be willing to stick with a WAN/LAN paradigm lifetime.”
Let’s stick to the next few years.
Most users are “stupid” and do not know how to judge a request to connect whereever.
95++ % of all users were VERY happy with a LAN/WAN paradigm!!!
“I may be wrong but I’m more inclined to assume that if they aknowledge that there is something more they could choose to take their time to learn it.”
You ARE wrong! Users (not even DAUs) fall over different symbols (for instance users used to WinZip had serious difficuties to use PowerZip, which has the same menues and buttons, just different pictures on it!).
You HAVE to keep it simple for the usual user. LAN/WAN is already almost too complex.
BTW: LAN/WAN is everything one needs. I was able to realize complex security needs of companies just using THIS model (and a few extra rules).
R.I.P.
Form the point of an user when an app attempt to connect he should choose what to do. If he want to restrict that app to the lan he can do that already using a predefined rule.
How does this feature is important? it is only meaningful in a limited context.
I cannot possibly agree to a suggestion motivated by such assumption even though I guess that any other reader should have obtained by now a clear understanding of your viewpoint.
I will look forward to their feedback to know if your viewpont really represent their needs.
RIP
As this is getting to confusing I would like to ask you 1 favor.
The wishes/updates you would like to do about CIS please post them in the wishlist, this way not only you, but millions other users will get better of it…
The problems/troubles/questions you have with CIS you can post in the CIS board in a new topîc.
I’ll leave this topic opened for some more time but please watch out for the rules :
Show respect to others You are expected to maintain a helpful, respectful tone when posting. Opinions are welcome, but they may not escalate into flaming and rudeness against Comodo, its staff, other forum members or any other party. Cyberthugs will be dealt with accordingly.If this rule gets broken, I will lock this thread
Thx in advance
Xan
Dear Xan,
the only disrespect I am aware of is vs. the DAU.
Which is no disrespect but simple truth. I really loved the DAu to be more educated, not to argue with me why a password has to have more than 4(!) characters etc.
I’ll post my thoughts to wishlist as you request. Though I am convinced it is wasted time…
R.I.P.
Be sure it isn’t, there are many (important) people watching this thread 
now I’ve to go to dinner
Thx for taking the time
Xan
In my opinion most users are not stupid but they are just not interested about what is going on behind the curtains. On their PC they want to achieve something quick, without hassle and as good as it gets. They don’t want to answer any security questions. And those questions sometimes surely are difficult to answer.
I know many “standard PC users” and what is easy for us techies is already complicated for them. There are users outside that still struggle with the concept of files being independent of the program that created them and that they can be copied/moved/deleted without the creating program.
When I see things like that I immediately recognize how long the path is still for Comodo to walk. You want to secure the masses with CFP but the masses basically don’t care.
Yes, I know. I have a friend, who isn’t a computery guy. He doesn’t have an anti-virus, anti-malware, firewall, or anything on his PC (well, except maybe a 3 year old AVG Free version which is very outdated). I can tell Windows Automatic Update aren’t turned on, because he still doesn’t have Vista SP1.
And worst of all, when I look at his PC and tell him these things, he doesn’t believe me. (And he won’t let me fix his computer because he thinks I’ll add a virus to the hundreds probably on his computer. For some reason, he likes to go to questionable websites too.)
But thats not quite what I meant. I didn’t write about people willingly ignore advice and keeping the PC intentionally outdated but rather about people that want security and let me install CFP but are hopelessly overburdened with answering any of the CFP popups. So I have to setup CFP to a quite insecure but quiet setting. At least it’s better than go without any firewall.
is the latest CIS giving as many popups as the older version of the CFP? I didn’t think it did! Actually its fairly quite now which makes it pretty usable by majority.
We concentrated on providing a very powerful security platform as our first goal. I believe we have achieved that. Now we are concentrating on making it usable by everyone without sacrificing security. I believe CIS has achieved the first step in achieving that. We are committed to continous improvements for both security and usability.
thanks
Melih
Oh ok.
I guess it would be nice if there were two main settings: The first is to run by itself and decide if a program is acting bad, without detracting the user; and the second is for techies (like us ;)) that want to know what is going on.
@Melih: As I have very little spare time atm, I have to admit that I’m waiting for CIS to come out of beta/RC until I will do my first test. So my criticism is related to the latest 3.0.x build. I will be more than happy if CIS/CFP improved on the fields of usability and “user annoyance”!