POLL: Misc GUI enhancements

[ol]- Drag & drop support from explorer file manager
To quickly input paths for applications/folders (useful in Computer Secutiy Policies/Network Security, My protected files, My files Groups)

  • Find an existing policy using View active connections/Vew active process list
  • Merge/group policies in Computer Secutiy Policies/Network Security policies, and create entries in “My files groups”. (Useful at least for for installed apps with multiple safelisted executables)
  • Copy existing policy in Application System Activity Control (like for Network Access Contol) or Edit Predefined Policy
  • Display entire parent/child calling hierarchy in alerts.
    Usually explorer.exe is the parent of most apps which in turn run other apps( explorer-> APP → Firefox) but sometimes it might be more complex than this…
  • Purge uninstalled applications from exception lists (eg Run an executable)
  • Ability to add a comment to Protected interface GUIDs, to show the component name
    and not the unintellegible ID number (eg {5CE34C0D-0DC9-4C1F-897C-DAA1B78CEE7C} is IBackgroundCopyManager BITS)
  • Ability To use the “Add COM Components…” without waiting for Loading data… window to complete (The wait would be unnecessary if adding some known entries)
  • Lookup descriptions for registry entries from a Central DB (eg what *\Software\Microsoft\Windows NT\CurrentVersion\AEDebug\Debugger does?)
  • Enable “My Own Safe Files” in Paranoid Mode with full autolearning (all Default actions to Ask with learning of corresponding allowed Exceptions). This will provide an alternative to automated safelisting and allow to edit a fully detailed policy even for safe apps.
  • Enable “My Pending Files” in Paranoid Mode (useful along the above option)
  • Enable “My file group” creation from “My Pending Files” (useful to easily arrange groups for policy creation purposes.)
  • Explicitly alert if the digital signature of an app is invalid
  • Menu option to move a Policy position before/after pre-existing widcarded policies (blanket rule priority management)
  • Ability to create an allow rule directly from a log entry (with optional edit) - tcarrbrion
  • An ask option in the exceptions for a computer security policy rule. (To allow a better default deny e.g. block * in run an exe but ask for c:\windows and c:\program files. - tcarrbrion
  • Access to groups directly from computer security policy. - tcarrbrion
  • Allow Shift or CTRL select when appropriate (eg “My pending Files” list) to select multiple enties easily
  • Option to disable Comodo’s global whitelist in Safe and Clean PC modes, i.e. activities for applications in Comodo’s whitelist will NOT be learnt by Defense+ in Safe mode and Clean PC mode - SS26[/ol]

Why not all of them :wink:

you get up 14 choices, so you can pick them all if you want :wink:

Love them all endymion !!!

eXPerience

I would like:

  1. Ability to create an allow rule directly from a log entry (with optional edit).

  2. An ask option in the exceptions for a computer security policy rule. (To allow a better default deny e.g. block * in run an exe but ask for c:\windows and c:\program files. At the moment you can only allow exceptions which is less secure)

  3. Access to groups directly from computer security policy.

I added them as well but I cannot edit the max number of votes anymore nor I can enable the option to change/remove to vote for the new entries as well)

Oh well, let’s us some magic power ;D
I guess 120 vote options are enough ?

eXPerience

Thanks :slight_smile: :-TU

edit

PS: I added one more :-[

I also vote for 18 but I have already voted.

Hi there,

you should be able to change your vote now.

best regards,
eXPerience

Thanks, changed it.

“Explicitly alert if the digital signature of an app is invalid.”

I would love this one.

Voted:

10 is absolutely brilliant feature request.

Feature request: implement Defense+ option to disable Comodo’s global whitelist in Safe and Clean PC modes, i.e. activities for applications in Comodo’s whitelist will NOT be learnt by Defense+ in Safe mode and Clean PC mode.


update:

Learning of D+ in Safe/Clean PC is not what i expected, and conclusions followed are invalid.

[s]This Safe mode’s option could replace #10 because it would be fully equivalent to #10 when option “Trust applications signed by trusted vendors” is turned off in Safe mode. I.E. only executables from local user-defined whitelist (“My own safe files”) would be considered safe with full autolearning support.

This Safe mode’s option could be more flexible than #10 because it would allow to use full autolearning for apps digitally signed by trusted user-defined vendors if option “Trust applications signed by trusted vendors” is turned ON in Safe mode.
Currently Paranoid mode doesn’t provide autolearning for digitally signed apps, hence #10 would require implementing one more feature to make it as flexible: autolearning for digitally signed apps.

P.S.: i used Safe mode in my examples, but it is in fact valid for Safe/Clean PC modes. [/s]

I added the new entry to the first post, though the poll ought to be edited by a moderator or it will be impossible to resubmit votes nor increase the max number of votes. :frowning:

Hi,

you have 120 options to choose + the ability to change your voting. Is there anything else you wish ?
best regards,
eXPerience

Not anymore. iI looks like it disappeared the moment I added the new 19th poll entry. :frowning:

Thanks :-TU
It’s good it is there even if it would not part of the poll.

Well, i didn’t know about this 3d :slight_smile:
BTW i made some suggestions here:
https://forums.comodo.com/beta_corner_cis/when_will_cis_4_beta_be_released-t42723.0.html;msg327124#msg327124

I hope it’ll help…:slight_smile:

Regards

Seems like they (Comodo) changed the way how learning is performed. Beginning from what version of CF/CIS? See this post for example. Why have they (developers) done so?

This renders feature request #10 quite useless. Why? Because learning procedure of Paranoid mode would be same as of Safe/Clean PC modes. Which would result that “fully detailed” policy for app is not achievable due to learning procedure which sets almost everything to “allow” instead of adding exceptions to “ask”. Almost like “Trusted app” predefined policy :-\

I guess you should have been aware that your comments were a poor match for feature request #10 the moment you bolded the same part you specifically reinterpreted leveraging on some sort of foretelling conjectures.

I guess that hijacking that wish to ask questions related to another topic was at least of some use…

…nevertheless that feature request remain unchanged and indeed wish for all default actions set to “Ask” with learning of corresponding “Allowed Exceptions” (in a similar way Protected Registry Keys access rights of safelisted apps are currently learned)