Okay, after reading for hours the long lasting discussions everywhere on the forum, the ones regarding with the many popups generated by CIS. There is an easier way to fight against it.
Its simple,
1- Updates the whitelist as a blacklist does. (Dont get me wrong, i mean to update it as continously as a blacklist.)
2- The whitelist has to use more common method to recognize program. (I mean, the current solution of using digital signatures will not work.Why? because note every vendor signs every file they make. It should be checked by MD-5 or a like method that cannot be spoofed. A method that in the way that every file canbe recognized no matter who maked it.
And 3. (For the sake of usability).
TO MAKE THE WHITELIST OPTIONAL, and to permit the user to make changes to it.
I mean, it should be easier to mantain a Whitelist than a Blacklist right? Then why not do it?
I can’t remember where but there’s a thread here somewhere, which states that Comodo are contacting vendors who don’t digitally sign their software, to work out some other type of accommodation.
It looks like the white-list is already updated along the blacklist (point 1) and that there is also an hash based withelist (point 2) along with “trusted vendor” white-listing.
Although the hash based whitelist is not editable it is already possible to disable it and trusted vendor white-listing setting D+ in Paranoid mode (part of point 3).
I would also like to add that CIS should include a Run Safer feature for running specific applications, e.g., Internet-facing applications like IE, Firefox, Outlook, etc., with limited rights afforded by LUA. Online Armor has a Run Safer feature for assigning a LUA token to selected apps. Sure, I could put CIS in Paranoid mode, but I don’t want to be nagged by D+ popups just to ensure that my web browser doesn’t do malicious things to my system. I’d rather run my web browser with reduced rights, in a DropMyRights fashion.