Smart TVL. 2 TVLs instead of one.

One big Trusted Vendor List(TVL) is very bad, using “Paranoid Mode” is very uncomfortable for the user. So:
Comodo must have 2 TVLS, one(small) for famous very trusted vendors(such as Microsoft, Google, Adobe, Apple, Opera, Mozilla) and one for others, not so trusted vendors.
Programs from vendors from the first list can be added to Trusted Files List(TFL) automatically and programs from vendors from the second one must be added to TFL only with question.
In addition can be a checkbox that allow/disable automatically(without any question) adding applications from vendors from TVL#2 to TFL.

With this option turned on(allowed) we have a current one TVL, nothing changes. But with this option turned off(disable) we get a smart TVL and some more alerts. Everyone will select for himself what he prefers more.

Please add a post if you like this. I forgot to start a poll.

People have been asking for more user configurability of the TVL as long as it has been around… I don’t know if it’s ever going to change.

I personally would love an option that tells CIS not to add anything to my list, and only trust the vendors I select. I see no point to having vendors that I don’t use (and never will) on my list.

Then I don’t understand why the developers don’t want to add some functionality. This is a safety issue!

This is a good option. I don’t understand why it isn’t still added. But with one TVL this option will not decide a security issue.

It is a good question as a whole. First I also want to know all cases when application is added automatically to Trusted Files List(TFL) now.
I know three:

  1. Vendor of the program is in the TVL.
  2. The file was created by the file who has predefined policy “Installer or Updater”
  3. The file was added to Protected Files and Folders List

Yes, this is exactly what I suggest. 2 TVLs decide this task. You can manually add and delete vendors which you trust, also you can manually add and delete vendors which programs can be added to TFL only through the question from Comodo(a pop-up alert).
I don’t agree with you that there is no necessity in TVL#2. This is a kind of trusting to Comodo. If Comodo placed some vendor to the TVL#1 you can trust these vendors and only delete some of them. This would be similar to a list of root CA certificates in my OS (Microsoft or other decides what root CA certificates must be present in the system and you able to modify this list). TVL#2 is a kind of the intermediate certificate authorities. And if Comodo placed some vendor in TVL#2 I want to see a question and manually decide to place application from this vendor to the TFL or not.
For example, if I download a new unknown application with digital signature I don’t really know can I trust this vendor or not!? or something other antivirus and that’s all what I can know about this new application. That’s why if Comodo places this vendor into TVL#2 this is a kind of trusting to that vendor. Certainly Comodo must guarantee at least that there are no any malware program from this vendor, if it is then this vendor must be deleted from TVL#2 and even more: it must be placed to the Blacklist of vendors. So we get a new VL :), named Blacklist of Vendors(BLV).

And only if I myself know that this vendor isn’t reliable I can answer “No” to the Comodo’s question about placement the application from this vendor to the TFL.
If not use TVL#2 you will get very many pop-up alerts if you don’t trust the vendor or you risk to trust a not reliable vendor(potential malware).

In addition can be a checkbox that allow/disable to ask question about placement an application from vendor from TVL#2 to TFL.

Files are also added to the Trusted Files List, even with the TVL removed, D+ and all associated components disabled (i.e., when using just the firewall).

??? How did they get there?

Good question…

The only way I’ve found to prevent it, is to delete all the files in:

C:\Program Files\COMODO\COMODO Internet Security\database

Then change the permissions on the database folder, so the files can’t be replaced. Doing so, however, is not something I’d advise.

And why this and this was? :slight_smile: Seems to be you have known something new about Comodo during the last days? Yes? :wink:

It’s been discussed before, quite a few times. If you look around the forums, you’ll find some very old threads. I don’t worry to much about it, as I only use the firewall.

!ot! Не понял, Radaghast, а я то к примеру тоже вроде как [u]использую[/u] Comodo Firewall :). Почему это не волнует тебя? Это ж вопрос безопасности.


Я не использую D +, я использую только Firewall, и я создал назначенное задание для удаления всех файлов в папке базы данных каждый час. Мне это не нравится, но это то, что мы сейчас имеем.

Значит видимо используешь какой-то другой HIPS ;-). Какой если не секрет?

Я не использую, ничего, кроме Firewall.

I think this is a good place to leave the Russian conversation :slight_smile:


I think this is the worse choice than to use some HIPS module even not ideal. 8)


Maybe yes, maybe no, but it’s my choice. It works for me and has done for a very long time.

Some ideas similar to yours comfireuser.
Add Options,
Comodo controlled vendors = Automatically added and ticked.
Comodo/User Controlled vendors = Comodo adds but not ticks.
User Controlled vendors = manually add and tick.

For user controlled have boxes beside the vendors (Tick to allow) with the options to tick all, untick all, tick individual vendors.
Just some thoughts.

[attachment deleted by admin]

The problem with this, at least to some extent, are the disparate groups of users of the product is catering for. On the one hand you have those who would be happy to see the list grow and grow, so they never have to be bothered by alerts, on the other you have those who don’t want a TVL or anything added to Trusted Files, unless they say so. There are good and bad arguments for both.

Adding to this is the size of the TVL, which, as it stands, would be way to much work for anyone to want to trawl through, manually selecting a box here and a box there. To keep it simple, to cater for the extremes, and maybe the middle ground, perhaps the configuration choices could be reduced to two.

  1. For those that want the TVL, offer to enable it during installation.
  2. For those that don’t want the TVL add the vendor/signature details to the Alert, with an option to add or reject to a personal TVL.

Likewise with the Trusted Files List. For those who select to enable the TVL, the TFL is automatically updated. For those who opt for manual control, when a vendor is added to the personal TVL, the files from that vendor can, through an additional check box, also be added to the TFL.

I think at the very least - this request has, and probably will continue to fall on deaf ears - they should make it easy to remove (entries from) the TVL and stop adding to TFL once the vendors are removed.

I like this checkbox idea. For me it would be enough that I can disable or enable the Certificates. (as long as there would be a check all/check none button) I think it would be better than two lists.

Good idea! :-TU +1