Malware with a valid certification & CIS being bypassed

Giving us an option to trust COMODO’s decision or my own, I choose the second.

Hi Alex,

Yes, “drown in the alert(s)”.
Sorry though, since I did not get the “How much you personally leave them activated” part … my fault possibly

I do agree with The Joker
and with other Guys … SS26 & so on (my apology for not mentioning all)
Oh my! :o I even do agree with Eric! ;D, regarding the matter

Yes – the alerts are the only correct way to go
The concept employed by some security vendors including Comodo, where the main aim is to reduce Alerts, unfortunately is not a workable solution
There were many discussions in the forum regarding the matter.

The cryptographic was implemented in the past, but was dismissed
I do understand some reasons behind that

As a short side note: that is crackable - mathematically proven (not easy though … but still…)

The “trusted” digital signatures issue.

Again way before “The List” (& people contributing to that) was in place there were discussions about that being not reliable as well …
In the past & currently signed Apps can be tampered with by malware

Then, it was noted that the signature itself can be faked (way before the first one appeared)

So …?

That is not completely Comodo’s fault – the technology is not developed properly yet
As far as I remember that was discussed when v2 was in place… and Melih agreed.

Then, at the end of the day how many alerts you can have?
Users usually are setting up their systems with a quite limited number of Applications they need for their day to day work

Unfortunately or fortunately :) they have to learn something. Period!
Otherwise – there is a simple way
use decent Backup
and/or
Imaging Software.
Do not use any Security

Oh! Sorry, I forgot that has some learning curve as well … What a pity story!

I have 750 installations here on XP. I am using Firewall only 3.14 with the Defense+ - I don’t have a single alert!

The same is on Win 7 x64. The only alerts I do have are those when updating drivers (“service” alert). I can live with that

Cheers!

Sorry, I cannot agree that alerts are the only correct way to go.
More alerts just mean a larger loophole on the user’s part.

Your example of 750 installations is not applicable to most users as they do not have an IT consultant setting up the PCs for them. I do install CIS on PC dummies’ machines as I can pre-configure the settings and configurations to avoid future alerts. However, other normal users don’t have help to pre-configure their machine to avoid alerts.

I’ve been using Comodo Firewall since ver. 2.4. I quit using Comodo after it upgraded to ver. 3 as I could not accept the amount of alerts. I moved back to Comodo ~ver 3.5 after it reduced the amount of alerts. If Comodo goes back to the old alert-flooded style, I’ll need to quit Comodo again and that’s not my desire.

Advanced PC users trust themselves more than the security vendor. However, please don’t forget and ignore that most PC users don’t have knowledge and will never want to spend too much time to learn using a security software. Normal PC users just rely on the security software vendor to help them make the decisions.

People can always use paranoid mode if they don’t trust Comodo and want more alerts themselves???

Safe mode is very convenient even for advanced users. What was asked is to return the old option which was in older versions of Comodo HIPS. This option would provide the ability to exclude trust by digital signatures and at the same time would provide the ability to enjoy other cool things of Safe mode and Cloud, e.g. trusting files by remote whitelist based on hash sums.

I have no objection in returning the old option. However, I find some people dislike the current development trend of CIS in reducing alerts.

My basic position is that reducing alerts is the way to go if Comodo wants to target the mass PC user market. Meanwhile, options remain to allow advanced users to customize Comodo for their needs and taste.

Hi hkjoj, thanks for the reply
Unfortunately I don’t have time currently in order to reply thoroughly to both of your last posts (my apology)
…but “targeting the mass PC user market” is rather creating a fake sense of security (unfortunately) - that was one point
The 2nd one about 750 installations - that I have… precisely! Not all users ever have that. But that was another point - I do not have any alerts using 3.14
Finally, the last point was - if you don’t want to learn - don’t use any security - you will be fine … if you …hmmm… 88) learn : ) hehe! some other stuff - backups & reinstalling/recovering the system

Cheers!

That’s just what you say. Not a rational statement.

As I say, you can configure CIS to avoid alerts or you have already used the Comodo’s trusted file list. And your system may have popular software so you don’t have D+ alerts for safe files. It seems that you don’t like alerts too. You just don’t have the bad experiences of other users facing flooded alerts in older versions.

That’s your position. However, it seems that you know your clients don’t want alerts. Otherwise, you would not need to set up their Comodo to avoid alerts. You are already trying to reduce or eliminate your client’s effort to learn.

Everything is simple: whoever does not want to take advantage of new developments uses version 3.2. Everyone else who wants to automate decision-making uses 5 … 6 etc.

PS: I want a robust solution, instead of walking in circles.

Alex

Is it too difficult to give us an option to choose?

If CIS actually checks the validity of certificates and it checks that the file wasn’t tampered with (file hash still matches the one in the signature), using signatures should be quite secure. If at some point in time stolen certificates become a daily thing, we will have more trouble than we can imagine. The entire web security is based on certificates. The only downside of using signatures is that you still need a white-list of hashes for good non-digitally signed files. A lot of good freeware is not yet digitally signed and this is where CIS has usability problems.

Using only a white-list could be implemented as a feature (turned off by default).
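The two trust paths discussed in the posts above (trust by digital signature, and trust only by a whitelist of file hashes), modelled as an added example; it is not any poster's code and not how CIS is implemented. The vendor names, keys and the `trust_signatures` switch are hypothetical, and HMAC-SHA256 stands in for a certificate-based signature so the model runs on the standard library alone.

```python
import hashlib
import hmac
from collections import namedtuple

# Constructed sample data. HMAC-SHA256 with a per-vendor key stands in for a
# certificate-based signature (real code signing uses X.509 and public keys).
VENDOR_KEYS = {"ExampleSoft": b"constructed-key-1", "LeakedVendor": b"constructed-key-2"}
REVOKED = set()  # vendors whose certificate has been revoked

# digest: SHA-256 of the file at signing time; mac: stand-in signature over it
Signature = namedtuple("Signature", "signer digest mac")

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def sign(signer: str, data: bytes) -> Signature:
    digest = sha256(data)
    mac = hmac.new(VENDOR_KEYS[signer], digest.encode(), "sha256").hexdigest()
    return Signature(signer, digest, mac)

def signature_ok(data: bytes, sig: Signature) -> bool:
    key = VENDOR_KEYS.get(sig.signer)
    if key is None or sig.signer in REVOKED:
        return False  # unknown or revoked certificate
    expected = hmac.new(key, sig.digest.encode(), "sha256").hexdigest()
    # Both must hold: the signature is genuine AND the file still hashes to it.
    return hmac.compare_digest(expected, sig.mac) and sig.digest == sha256(data)

def decide(data, sig, whitelist, trust_signatures=True) -> str:
    if sha256(data) in whitelist:
        return "trusted:whitelist"
    if trust_signatures and sig is not None and signature_ok(data, sig):
        return "trusted:signature"
    return "alert"

def demo() -> dict:
    app, freeware, malware = b"signed app", b"unsigned freeware", b"malicious payload"
    whitelist = {sha256(freeware)}
    app_sig = sign("ExampleSoft", app)
    bad_sig = sign("LeakedVendor", malware)  # malware signed with a leaked key
    return {
        "signed_app": decide(app, app_sig, whitelist),
        "tampered_app": decide(app + b"!", app_sig, whitelist),
        "unsigned_freeware": decide(freeware, None, whitelist),
        "signed_malware": decide(malware, bad_sig, whitelist),
        "signed_malware_whitelist_only": decide(malware, bad_sig, whitelist, trust_signatures=False),
        "signed_app_whitelist_only": decide(app, app_sig, whitelist, trust_signatures=False),
    }
```

The last two results show the trade-off: with signature trust switched off the leaked-key malware raises an alert, but so does every legitimate signed file that is not yet on the whitelist.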

It is not a matter of “want / don’t want”
Sure if it is a “robust solution” one can see it as an advantage. Currently I don’t see that

Indeed many users pointed that out already & it is not difficult.

I would say - it is irrational to call my post being “Not a rational” :)

I beg your pardon? “configure”?! Applying tweaks?! so the firewall for example works as a bidirectional again and so on etc.
Who has to do that? (You are contradicting yourself). Either user anyway has to learn or I will set it for him/her … only then it will be minimum alerts and then it will work as it should.
Not working sandboxed Applications is another matter & different topic, but “extremely convenient” for inexperienced users… sure 88) .

Sorry, you did not get that. I do like Alerts. So many users here pointed that as well & they like that too – that is the way to go

Not sure what you mean by “bad experiences”?
What is “bad”? Several (or a bit more) alerts that you have to answer at the very beginning of setting up your environment?
You missed the point, unfortunately – briefly: there is always learning curve no matter what you are using.

As above… & definitely I am not trying to “eliminate … client’s effort to learn”
Even using decent sandboxing / virtualization users should learn “a bit” meaning what to wipe out or what has to be left.
In addition with “this” sandbox you still can have files written all over / registry entries amended / processes that can be run “outside” (could be dangerous) … & so on & so forth
So what possibly makes it safer when those things are in place? Without a knowledge and learning users are vulnerable … but they are happy having less alerts ??? is that what you are saying?
That is why I called it a “fake sense of security” that you are opposing.

Have a legit media for reinstalling the system; have a restore-partition that mainly comes with any contemporary system/ use separate partition for saving precious data / do not use any security
Have fun - that is the best way to go rather than having unreasonably bloated security monsters … but again as it was pointed – either user has to learn how to use those mentioned features or you as being more experienced will set all that up and help them using the Tools

Cheers!

I personally also would not refuse such an opportunity, but I think it will be a big burden on a cloud.

I do not want, what would the introduction of this option is given an imaginary representation of solutions to problems.

I’m not contradicting myself. It’s you contradicting yourself.

While saying that you like alerts, you say you don’t have any alert using 3.14. (Strange)

You are saying either user anyway has to learn or I will set it for him/her … only then it will be minimum alerts and then it will work as it should.

You do set up Comodo for yourself and your own clients to minimize alerts. But you don’t like Comodo to minimize alerts for their End User Customers.

You’ve said a lot. But I just find what you do is different from what you said.

If you really do what you say, don’t minimize Comodo alerts for your own clients. If they want you to set up for them, tell them they should learn to use it or don’t use any security software.

No, sorry … you were not attentive enough
Nothing “strange”… There are Alerts when you are setting up the environment - that’s what I said … and that is OK, having needed alerts when they are necessary.
As soon as all was set up there are no alerts except the important ones … that we like

Cheers!

I’ve already pointed that out in my first reply to your post that you configure (= set up) to avoid alerts. You just misinterpreted it.

That’s always true that “no alerts except the important ones”. And that’s what Comodo is doing for their end users as you do for your own clients.

  • 1 I too. This is one of the reasons I didn’t upgrade to 4v.