Performance and stability?
VC, can you pls expand on which areas exactly do you mean?
I thought it performed well and it was a fairly stable version (much more stable than paid for ones according to quite few people). Hence, I am puzzled as to what you are referring to, however, of course I understand nothing is 100% and i don’t want to miss anything. If you can pin point the performance and stability issues we have, we’ll try to address it.
thanks
Melih
Hi Crow, I am not understanding what you mean and apologize. I mean CPF is awesome and darn near perfect for many users. This would go under what I mean by implementing into the firewall when it’s , in my opinion, too good to have to use HIPS or anything else. I will once again rant about the OLE issue, is this the type of thing you mean? Not sure what other issues. I could see the settings being a bit different for rules etc…since many have problems but as far as secure functionality, I think it’s got others beat hands down. Sorry once again if I misunderstand.
Paul
A firewall should be a packet filter and a controller of the applications that wants to access to the Internet.
Not an application that have other things that do not belongs to a firewall.
Why a firewall should have HIPS and Sandboxing!?
If I need something like that, I would prefer to have a separated application…
Well, I can’t say I disagree as I obviously feel that CPF is simply excellent the way it is. I only hope that if unpreventable, that it works in well with it, otherwise drowning the perfect firewall would be in my opinion a huge loss.
Paul
Well, if you go for the traditional assessment (is this good english?) of a firewall then you’d be right. But having the firewall to allow browsers, messengers, p2p comunicate “without restrictions” is getting in itself outdated. Sandbox would be the natural adition for me. As for HIPS (by the way, isn’t the sandbox HIPS too?) that’s where i don’t have a final opinion. I would prefer to have it in another app, but i don’t know how they will do it. And having the option to turn off, it’s the same.
Is it going to be: CPF= FW+Sandbox+SSM and CAVS=AV+AS+CyberHawk (or Prevx1 my fav. concept) ? (i’m refering to concepts)
I do understand some of what you are saying. However, I got rid of Zone Alarm, well for one I couldn’t connect with it at all, lol, but also because it was becoming bloated, slow, not doing what it should. I simply worry that being one of the things I loved about CPF was the great job it does without the bloat. How does CPF allow browsers, etc without restrictions? A firewall can’t impose restrictions on software itself, only block communication attempts made by a software. I’m sorry if I don’t understand but CPF always gives me the option to allow the browser, messenger or anything else or certain aspects of it. It doesn’t get much more thorough than that unless you completely block the whole application which would make it useless anyway. I suppose I am not one that likes my software to do ALL my thinking for me, “not saying you do” but I like control over my software and control what goes in and out of my pc. A firewall isn’t yet capable of doing this with the exception of blocking or not and even if it was I don’t think I would like it. Ok, so maybe I don’t like the idea of HIPS or anything being implemented into the firewall, after days of thinking about it, I truly don’t think I like it. I like CPF for what it is and yes, I may be looking too much into it but say after HIPS and Sandbox are thrown in, then next generation of CPF, more is thrown in, before you know it, it will be bloated and may not do what many of us liked it for in the first place. I think “in my personal opinion” that many people are used to bloatware and flashy marketing to brag up a software and sell it and they believe this is the only way a software is good, by the more you get for free. I like my software to do it’s job, bottom line and if doing it’s job, why put anything else into it? What’s the point? Just for argument sake, if a firewall with HIPS and pop up blockers , BO protection, anti-spyware and all this other stuff that some want, is one step closer to being an all in one correct? Not a firewall, which is the reason I sit here now hoping that this isn’t going to be a trend. I always say i’m honest and i’ll try to be now. I worry that by people wanting more and more added into this great firewall, that it’s eventually going to give everyone what they want , except for a great firewall. 
Paul
Firewall should block aplications accesing internet and it is getting really hard these days to do it just on the firewall base. When a mallware injects its DLL into trusted aplication, it will leak and firewall without HIPS just would not stop it and people would not be satisfied with such a firewall, just look how many people choose their firewall based on leak tests. Sandbox should prevent the mallware from getting into the PC in first place, because there are mallware, which can alter aplications and HIPS does not even notice, neither standalone HIPS aplications do.
By the way, you can allways disable HIPS in CPF. As for me, I have ABA and CC disabled and CPF works just fine for me. Well as long as it will be possible to disable sandbox and other “addons”, I do not mind even if CPF will become a security suite with AV and so on.
One more thought, one of the reasons, why I left Outpost Pro was, because they added AS, which could be disabled, but Outpost 3.5 handled leak tests in that way, that they just added them to the AS based on signatures, that is quiet nooby, because it will not stop an uknown leak, nor Outpost did not stopped most leak tests with AS disabled. Of course, in Outpost, I was also angry, why they do not sell only firewall, lets say for 20$ and each plugin for 5$? I would buy only a firewall and 1 plugin (Active Content), so I see your point, but in CPF you will get all those “addons” for free, so what is the matter anyway? No offense meant of course. 
The problem I am seeing isn’t just with CPF. This is what I think. Are you ready to handle my rant? Rant mode on:
Hips is still fairly new to desktops and hasn’t even been stamped as a completely approved standard yet. “note” it may have now, I would have to look. That said, Everyone is getting HIPS, Comodo, Symantic, Spyware Terminator, just to name a quick few. Now the problem I have is hips may be drawn up differently a bit in each program it’s adapted for but it still has a basis to go off. Now, say EVERYONE is using HIPS, suddenly someone finds a way to infect and control it, this could be one hell of a problem. I may be over ranting on this but I just feel it’s going to be one of those “oh ■■■■” millions of pcs just got attacked deals. Will it happen, someone figuring out how to attack HIPS? Oh yes. If someone can hijack a HIPS program, it could spread through the computer very quickly, perhaps faster than before. All I see is the Glory of HIPS and not much about vulnerabilities with it. This worries me. I am very cautious when it comes to a fix it all application that suddenly flies up on every desktop. It was used in industries and such but as stated, how will it handle the desktop in the not too far future when it’s being attacked itself? Don’t get me wrong, I know new things must be put into place and I am not saying HIPS doesn’t have it’s place but I don’t think it needs to be put in with a firewall. But if it is , so be it. I mean a HIPS program can be it’s own entity VERY easy without need to be installed with other apps. But I suppose this is preference. It can do what it does without needing attachments to ANY other software. Oh well, if it happens it does…
Rant over!
Now,
<<you will get all those “addons” for free, so what is the matter anyway?>>
No offense taken and a valid point
However, I feel there are a number of things wrong. Free is no good if not wanted. I get spyware and malware on my pc free too, doesn’t mean I want it or need it. Not saying CPF is obviously but just an example. There are a number of FREE things that I don’t want or use and in that case don’t want them taking up space on my pc. Don’t get me wrong, if Comodo does this, I understand , really I do, Melih needs to try and keep up the pace, no problem but I do like to voice my opinion on it as well and I do understand where others want this. As I said in another post, I just hope it’s not a growing trend to keep putting more and more into it until bloated like my mother in laws feet. yuck. I also understand you don’t mind if it becomes a suite, but I came to like Comodo because of it’s separation of security, not integration of it. Security programs are proven to function better as separate entities not as all in ones. Although I will say this, Fix it utilities has quite a few options and such and still manages functionality VERY well. So maybe Comodo can do this too. I like the firewall the way it is I guess, and would hate to see it become bloatwall like ZA. If Melih can promise me this won’t happen to Comodo products, I would feel much better about HIPS and sandbox being attached to my favorite firewall And yes, I know, I am probably the only one who thinks way and i am prepared to receive the full force of feedback from others…
Paul
2 comicfan2000
I agree with you completely. A good security application is one that does a limited number of things, but does what it has to do for 100%. A HIPS should be a SEPARATE application, not even an ad-on, and certainly not integrated into the firewall. Simplicity and transparency is the way to go for COMODO.
P.S.: If the HIPS turns out to be not that good, then the image of the firewall itself will go down, which is also a consideration.
Paul Wynant
Moscow, Russia
I agree, I only wanted to poin out, that all in one is a good security solution for a common user, who even has a problem to get just one security aplication (AV), so if there would be Comodo all in one, I could recommend it to all. I use only firewall and if it would be possible to download standalone CPF without HIPS and sandbox, then I would rather use it instead of CPF with those things disabled. I just do not want developers time to “waste” on dividing those things, when there is still much to do, to fix (logging, GUI, rules, advanced settings, etc).
I agree there are a couple of things to be done but if there is a build, it has to be a build before it’s thrown into the firewall. I would think it takes more to integrate a program than to make it stand alone as even I can create a stand alone self extracting .exe file with little effort so I honestly don’t think that would be a problem for them.
Paul
EDIT: Just for example sake look here… http://www.infoprocess.com.au/antihook26.php Couldn’t Comodo do the same?
comicfan2000: i agree with you. But i find that a sandbox is the perfect adition to a Firewall. Not the SSM kind of adition. And isn’t a sandbox HIPS too?
It’s not about blocking the whole application, like the browser. It’s kind of isolating it from the system’s core and personal files that you choose, etc. My reference is GeSWall. It’s not sandboxie where it’s completly isolated. GeSWall preserves the funtionality of the browser, p2p, messenger. It’s just that somethings just don’t happen, like an app. changing the system, planting rootkits, etc. GeSWall isn’t perfect, nothing is of course, but the concept is there. It defines trusted apps. Then you get the option to run IE/Opera/Firefox as untrusted. Now anything downloaded (cookies, progs,…) is untrusted too. It just won’t get to what matters because it was never allowed. It has limited previleges to start with. Only the user can allow it or not. (:KWL)
from http://www.gentlesecurity.com/overview.html :
“An access restriction policy prevents leaks of confidential documents and unauthorized modification of files, registry, etc., coming through an isolated application. At the same time, these restrictions are unintrusive and do not disable important application functionality.”
Like a second firewall.
Aigle from Wilders knew how to explain alot better than me. Doesn’t he post here?
You probably know of GeSWall. I’m just clarifying my view.
As for HIPS, as in SSM/Proc. Guard HIPS, i agree, and i did say that on the previous post. And here- https://forums.comodo.com/index.php/topic,125.120.html . Forget the name and the exageration / excitement lol. I did say i would rather have it separate. That way we would choose our own personal suite. All Comodo or a mix. But the sandbox in CPF!
And it depends how it comes out. The choice of turning features on/off gives you the freedom you want. :THNK
If i were to decide, i would go for CPF=FW+sandbox. A controler/monitor separate (if needed at all, depends on the sandbox). Then CAVS.
Guys don’t worry about CPF becoming bloatware etc.
we will give our users choices… we will never force them!
Melih
Melih
In your Reply #11 on: November 09, 2006, 02:37:29 pm you stated that hips will be part of CPF, my question is, what is the reasoning behind developing hips in CAV2 and CPF. From a business point of view I would have thought that the development and the associated costs would be better spent on one or the other.
Just interested in your thoughts.
shadha
Hey Shadha,
My take on it is that the HIPS in CAVS 2 is application focussed, whereas the HIPS in a future version of CPF will be more focussed on the system entry vectors. I believe they are taking the right track.
cheers,
ewen 
As Ewen explained it CAV is focussed on Application while CPF will have full blown HIPS. There will be people who will only download AV from us and not CPF and we have to make sure to prevent any malware on their system.
Melih
Mr. M 8), with the two versions of HIPS and such, have you thought at all about making a separate Comodo HIPS program at all? A separate protection download instead of making two different types with CAV and CPF? Or because some will only download one or the other or wouldn’t download a separate HIPS , do you want to keep it integrated because of that? Will there be an option to NOT use it, like a do not use box? Would you be likely to make something separate for those who may not use either security? Call it “C-HIPS?” With Comodo know how in security, could there be a spyware scanner, HIPS, or a few other things into this separate C-HIPS? I think that this would go over well, get some user votes and opinions into this new C-HIPS and see what they\we want and you are always looking for something to develop next, would this, could this become a reality? Just a thought as usual.
Paul out- (:KWL)
Hey Melih,
Re. HIPS in CAVS and HIPS in CPF, is there some common code base between the two, and some intercommunication between them?
Hmmmmm?
cheers,
ewen
As long as it’s done right, combining a HIPS with CPFW is a brilliant idea. I’m using a HIPS (System Safety Monitor) and when combined with a pfw you can have outstanding system security. The key here, however, is to learn how to use a HIPS. Be patient, be enthusiastic, and be careful! Just take your time with the pop-ups and learn all you can about how all the different processes and applications on your machine interact and influence other processes, and you will gain invaluable knowledge while locking down your machine like Fort Knox If you just accept, willy-nilly, all the pop-ups without regard to what they mean, there is no point using a HIPS.
If you know your machine is clean when you install the HIPS, run it in “Learning Mode” (hopefully Comodo will include that feature) for a day or two and the pop-ups will at least be minimized. But the sooner you take it out of learning mode and the more changes you make to your software environment, the more pop-ups you will encounter.
If you are not annoyed by them and are willing to deal with them, you will most definitely hold advantage over potential malicious attempts on your machine. If you truly do not want to bother with HIPS, then it is best to switch it off if Comodo will include that option. I recommend they do.
Hi. The thing is, like me, I already use a HIPS program and it seems this is going to be a trend for almost every security software to have. My concern is more how it will get along with other programs that use HIPS. There are going to be HIPS programs falling like rain pretty soon and wonder if Comodo really needs to worry about it in their firewall. The pop ups don’t bother me however, others will or may not tolerate it or benefit. Why? Who is going to know what half the apps are trying to install or run? I know what happens when I install, I know what needs to be installed or not, many others don’t and will simply allow it all or have to question every pop up. I suppose looking at a majority that complain with CPF pop ups, let alone with HIPS too. I almost feel Comodo may need another terabyte for pop up questions after this. :o
Paul