Please make the "Remember" checkbox non-sticky

Please update the “remember” checkbox on alerts to always come up “unchecked”, rather than remembering the state it was set to on the disposition of the last alert.

Doing this and adding a keyboard shortcuts (Alt+R for remember?) will catch this up with ZoneAlarm’s alert dialogs…

IMHO keyboard shortcuts are off for security reasons. For example because of
ability to auto-type of some viruses/worms, …

And I think I wrote some more universal solution for your remember in “my”
suggestions. So if you’ve time please look at it and write your opinion on it.

Thank you!

Suggestions for future version(s) AIO

sticky remembering is annoying. thanks.

+1 i asked also before that the default when the user is away should be to disallow the connection and no remember box checked…

It already does this when you are away blocks and does not remember just logs the action.
You can also click the cancel button which has the same effect blocks and does not remember.
Dennis

that’s good news but are u sure? coz i asked before about it and someone told me it was accepted by default if the user was away but this is non sense…

(:CLP)

I just can repeat:
Please make four buttons “Allow once”, “Allow always”, “Deny once”, “Deny always”

That saves one click each time and you can remove that remember checkbox.

hehe a click saver dude (M)

Saving unnecessary clicks is important in UI design. I hate it everytime I answer a CIS alert box.

Well, that argument has been tossed around in ignorance by several on this board. You can easily use SendInput(), SendMessage()/PostMessage()/PostThreadMessage() and other native functions to send mouse OR keyboard input to any window in the system. I have tested automation of CFP alerts with automated mouse clicks, and it works fine.

Run SPY++ from Windows Platform SDK or .NET tools, and you will see that the alert is just a standard “#32770 (Dialog)” class dialog, and all the controls inside it are just standard windows which are children of it. The “OK” button is just a standard button of class “Button” with a text caption “OK”. You could easily write a VBA script that would change the text or click that button every time it shows up. Yes, I’ve done that from VBA, VB, C, C++, C# and Python.

So, I will reiterate that the “keyboard shortcuts are a security risk” argument that keeps being shot from the hip out here is complete bunk. If keystrokes are a security risk, THEN so are mouse clicks, because they can all be sent as simple messages through PostMessage() by sending clicks using WM_LBUTTONDOWN/WM_LBUTTONUP at the (x,y) somewhere in the button.

Ignorance is not always bliss, and security through obfuscation is generally no security at all…

-:Viper:-

Yes sure it does.
I have Vista running for 2/3 days and always check logs on fresh install of CIS/CPF3 to make sure nothing important is blocked, if there is I manually input the rule.
Dennis

You’re right. Maybe disabling of shortcuts it’s for only security reasons. I’m
not sure. And I understand that almost anything can be reproduced. I mean
keystrokes / mouse clicks. But still it’s better not to make viruses easier
times. But at reality it doesn’t matter. I just think that major change should
be in possibility to have buttons for Allow Once / Block Once and then OK button
which mean remember current settings. Just to separate one time actions from
remember actions. Or something similar, this is just my suggestion to make it
easier.

i should verify with the log but it seems the default is to allow if u look at this cap screen :


http://img517.imageshack.us/img517/4971/comododefaultdecisionfg7.png


http://img517.imageshack.us/img517/comododefaultdecisionfg7.png/1/w378.png

Sorry do no bother to check the logs the firewall does not log these events like Defence+
The only way to prove for yourself delete a rule you had a alert for a application that needs to update and change the time to 5 secs from 120 secs for the alert let the alert disappear and you will see the connection is blocked as the application cannot update.
Dennis
PS I also had to change to Paranoid Mode from Safe Mode to get a alert tried three times to update fail each time

Except that not having keyboard shortcuts is not any security at all. As I’ve pointed out, I can change all the text on the dialog buttons, in the radio buttons, and I can click any and all of the controls on the alerts with PostMessage() and mouse messages.

No keyboard shortcuts simply makes the whole firewall a pesky nuisance, not any more or less secure.

Except viruses, worms and trojans are not easier or harder with keystrokes or mouse clicks enabled for any window. Posting WM_LBUTTONDOWN or WM_KEYDOWN messages in Windows is equally simple Either way is just as easy. There is no security in disabling keystrokes.

Viruses would NOT use keystrokes to automate interfaces. Mouse clicks are much more reliable for automating application interfaces in Windows.

I do like your suggestions in this area. But we STILL need to be able to hit keyboard shortcuts to clear the alert quickly. My screens are 1920x1200, and I use dual screens. Dragging my mouse off my development tools over to click the alert controls on the other screen is simply silly. I should be able to clear the alert with keyboard shortcuts, which are very easy to implement and use for the interactive user. As long as the alert window gets the input focus, like alerts from competing firewall products, then I can quickly disposition the alert with keystrokes – without moving my mouse cursor off my work.

I’m so sick of clearing these alerts with mouse… I’ve started looking for alternatives…

You’re right. I just guess that there’s some security reason behind it. And yes
there should be some keyboard shortcuts for Alert Windows. I’ll add this to
“my” suggestions.

– tor345 – Great! Thanks. Your list is very comprehensive, and hopefully will cause Comodo to make some (most/all) of those improvements to make this a tool that power users can use for the long-term…

I totally agree with Viper. Ripping out hotkeys from interface doesn’t provide any additional security and lack of hotkeys is annoying like hell. If any of you (reading this post) is not familiar with programming ( win32 api ) then try some automation software ( autohotkey comes to mind ) and You will see how easy it is to temper with comodo interface by automatically sending mouse clicks. Also I think comodo staff should implement some hardware/driver ring-0 based protection that wouldn’t allow any apps sending messages to comodo interface ( i suspect D+ already uses some GDT hooking for that but don’t have time/nerve to investigate :slight_smile: ) and there should be no option to let other app temper with comodo interface. NEVER EVER !!!

Unless this is made a configuration option, I vote “no”, because I like that Remember is sticky.

Four different buttons would make this discussion void. And the alerts would be less obtrusive.