Make two sets of Monitoring Settings. One for Trusted Files and one for Untruste

trusted vendors list is a weak point in defense because some vendors (were) and can write viruses in future

i do not care the software is signed or not i want to control their access to keyboard monitoring… there should be some option in HIPS to enable and it won’t look software is trusted or not it will ask for keyboard monitoring permission anyway (and same for all other options too)

another thing is that i hate adobe’s updates and GOM’s updates so it will be great if comodo could install them without problems but ask for internet connection permission

p.s. yes i know i can uncheck box to trust software signed by trusted vendors but then every monitoring setting in HIPS will give alerts for every software

With v6 Trusted Software Vendors list can be disabled. When using HIPS simply disable keyboard monitoring under Monitor Settings.

another thing is that i hate adobe's updates and GOM's updates so it will be great if comodo could install them without problems but ask for internet connection permission
Make a custom Firewall rule for them in Firewall Rules. Or switch to Custom Policy in Firewall completely.
p.s. yes i know i can uncheck box to trust software signed by trusted vendors but then every monitoring setting in HIPS will give alerts for every software
Then delete the vendors you don't trust.

Do I understand you correctly in that you want to monitor everything for unknown & untrusted files but only certain things for what Comodo considers safe files/files from trusted vendors?
Or did you mean that you want monitor everything for every file trusted or not but not have two different sets of monitoring configurations?

For the later you can set HIPS to “Paranoid” but for the first one there currently isn’t a configuration that supports this to my knowledge.

Not completely sure what you mean by this one, you can set the firewall to “Custom” and it will ask for trusted applications too, or you can add the files used by adobe etc for updating into unrecognized files and then it should ask for these files even under “Safe” setting, if you don’t want HIPS to interfere you can add an application rule for adobe, this won’t affect the firewall.

Indeed, this makes me unsure for what you meant with single monitoring configuration or multiple i.e one for safe files and one for unsafe files.

If you want to all new files to be monitored but all current files to be trusted then you can turn off the trusted vendors list and set HIPS to “Clean PC” mode, at least that is what I think it will do.

yes this is it… i want to monitor everything for unknown files but only certain things for trusted ones

EricJH
there are too much vendors i can not do there something manually

p.s. this is not about me i think others will find this useful as well

You can disable the whole list. You don’t need to remove each vendor manually.

Not to be rude, but he has already stated why he doesn’t want to do that in the original post.

Yes, I read that. And Erich pointed out how to accomplish what he has asked for.

From his response about individual vendors, I can only assume he was talking about removing them individually.

It sounds like he only wants to trust a limited set of vendors. So it would be easy enough to delete them all. And then each time when installing a signed program from a vendor he wants to trust he can add that vendor.

Please notice that his wishes are contradictory. He does not want vendors but then complain in the p.s. about the consequences… :-\

Yes, he wants to run a HIPS, but doesn’t want it to function the way a HIPS is supposed to function.

A HIPS is supposed to monitor all processes and alert the user when a process wants to do something. There is no way to reduce the amount of alerts generated by the HIPS unless you institute methods like Comodo has added to CIS, like the trusted vendors list and automatic sandboxing. Remove these features and you have a straight HIPS. And a straight HIPS will generate a lot of alerts because that is what it is supposed to do.

When reading the bellow and going through the thread again, do you still think EricJH accomplished to point out what he asked for? What was asked for was a feature, a wish, not a suggestion for a tedious work-around.

To me it doesn’t sound like he only wants to trust a limited set of vendors, to me it sounds (and has been confirmed by himself) that he wants the ability to have HIPS monitor certain things for unknown & untrusted files but also have the ability to monitor trusted files but only with certain monitoring options which would result in all vendors being in the trusted files but HIPS would trigger alerts for these trusted files but only for some things.

For example trusted files are monitored only for direct access to keyboard while unknown files are monitored for everything.

And please notice that those are his opinions that contradict (which to me seems to lie in failure of communication), not the wish in his post, the wish was for different monitoring options for trusted and unknown files.

(Yes I know I sound like a d**k, at the moment I can’t find a better way to put this, it feels like even though the actual wish is there in clear text, it was decided to continue on the thread that had nothing to do about it for reasons I don’t know which in my opinion is sort of disrespectful)

See attached picture, I saved it as a .png so it can show as good as possible. Now imagine two of those, one for trusted files and one for unknown & untrusted files.

[attachment deleted by admin]

I get it now. He wants two sets of what aspects to be monitoring by HIPS. One for Trusted Files and one for unknown files.

His topic start was confusing though as his thoughts were sketchy.

I will adapt the title and move the topic to Wishlist - CIS board.

this is what i meant

i am from Georgia and our goverment was officially spying (it wasn’t a secret) on political opponents and after investigation finished the information spread out that they used some chinese software vendors whose products were signed…

Bidzina Ivanishvili who is a billionaire could not protect his date because of this problem…

I like this idea.
+1

If I haven’t made it obvious yet, I am also in favor of this idea.
+1