Should Comodo trust itself?

U-D-E · November 16, 2010, 5:30pm

Hi. I’m currently experimenting with Comodo Firewall with Defense+ in “Paranoid mode”. This mode should allow the stuff that is defined in the Computer Security Policy, and nothing else.

I wanted to test this, so I downloaded the latest installer for Comodo Firewall. Funny thing is; the installer runs without any pop-up.

How is this possible? Shouldn’t the installer be blocked until I allow it to run?

kinemitor · November 16, 2010, 7:13pm

paranoid mode dont “block” files to launch, it will ask you when it attemp to do something

U-D-E · November 16, 2010, 7:32pm

Thanks for the reply kinemitor.
The thing is that in “Execution Control Settings” I have chosen to have all unrecognized files blocked. This means I could not even run Notepad before adding it to Trusted Files (which then is added to the Computer Security Policy I suppose).

So nothing can run without my approval, period. That’s how I like it.

What I don’t get is why the Comodo installer is not prevented from running when everything else is.

kinemitor · November 16, 2010, 7:45pm

even with paranoid mode and treat unreconised as blocked.
files digitally signet by trusted vendor like the comodo installer or mozilla thunderbird should not be blocked

in earlier vesion there was possible to block all, even trusted vendors
by unchecking the box in defense + settings
“Trust applications digitally signed by Trusted Software Vendors”
http://help.comodo.com/topic-72-1-155-1115-general-settings.html#Trust_applications_digitally_signed_by
but this help file is outdate since they have removed that option

actually you will not find that option

U-D-E · November 16, 2010, 8:35pm

Thanks again, that could explain it. Except I have just deleted Comodo from the list of Trusted Software Vendors and tried the installer again. It still runs!

I have also previously deleted every single entry on the list of Trusted Software Vendors but for some reason they are automatically added again without my approval.

EricJH has previously stated that to disable all whitelisting I simply need to use the Paranoid Mode:
https://forums.comodo.com/empty-t59650.0.html
But I guess that was for the previous version. Perhaps I should simple continue that thread. I really hope the possibility to disable all whitelisting still exists.

Dennis2 · November 16, 2010, 9:07pm

You need to disable cloud otherwise the Trusted Vendors list is updated.

Dennis

[attachment deleted by admin]