on not trusting the trusted vendor list

i have used comodo firewall/defense+ as a core component of my security setup for quite a few years (along with a few other preferred sandboxing, virtualization solutions, and ‘competing’ antivirus scanners and products), but i continually find myself questioning the ‘trusted vendor list’ and why users are unable to bypass it altogether. there are VERY few companies and organizations i would consider trustworthy, and hundreds of vendors being exempted from any restrictions by default is more than unacceptable. in the past i generally would delete all trusted vendors manually, at least until the list became so large as to make it rather not feasible to do so one vendor at a time, which is all you are able to do. this, however, may or may not negate the problem afaik. the fact that they are ‘hard-coded into the firewall’ is a tremendous problem…i don’t trust a vendor because comodo trusts a vendor…hell, i don’t even trust quite a few of microsoft’s own processes, as they can be vectors for and an important component of some of the most serious and difficult to detect security holes.

the recent clusterfark over phony certifications - which is NOT a new problem - only serves to further my desire to retain as much control as possible over my systems and network as a whole, which is something which comodo apparently does not allow. i have seen other posts expressing desire for more control of the trusted vendor list, but to my knowledge the situation remains unchanged? i understand for inexperienced and lazy users it may be best to leave it to the folks at comodo to decide for them, but such a policy is unacceptable for my own purposes. i could suggest - as others have - that comodo implements a means by which users can retain more control over the permissions inherent in comodo’s defenses; but it may be more effective to start looking for alternatives at this point…i have long been tempted to stop supporting windows entirely for security reasons, but the reality is linux is a hard sell to end users, even those desiring more secure solutions. embedded windows systems may be the last best hope for security, but are not feasible to implement except by large-scale OEMs due to licensing costs.

as i build systems for and consult clients with high levels of security in mind, i would hate to stop recommending comodo as a solution for end users because of a seemingly trivial but nearly fatal flaw of a feature which could very easily be remedied and which i must explain is a limitation of pretty much the only free option for them which is of much value. are there any possible workarounds that exist to regain that level of control or are there plans to implement a solution in the immediate future? should i continue my continual quest for a more secure environment somewhere else?

overall, aside from this issue and the inability to implement/disable some components on a more case-by-case basis, comodo firewall/defense is probably the best solution of its kind around for end-users, paid or free. i just wonder what would be sacrificed by giving users more control? it seems if there was no incentive to NOT implement such a change, this feature would have already been implemented long ago as has been requested for quite a long time, even by some long-time moderators on these forums?

Like you stated there have many outcries for more control over the Trusted Software Vendors list. I sincerely hope that the upcoming v5.4 will address this issue.

Regardless of the “quirks” the TVL has (signed malware; mostly “luckily only adware”) it is still better than Kaspersky which will trust everything with a digital signature… :wink: