Streaming AV updates

I think this feature is needed and most of the other vendors already provide such a thing.

I don’t understand why this would be needed. All running applications are automatically checked against the cloud anyway. Thus, the signatures for malware which tries to run on your computer should already be effectively as up-to-date as possible.

I won’t vote until the option “Yes but optional” is put in because it sounds like it would mean that they are basically pushing updates to you without you asking for them which is nothing I agree with however it sounds like a good feature but it should really be optional and in my opinion disabled by default. But that’s if I understood the wish correctly.

Also, what Chiron said.

I would have to disagree. I think it would be almost mandatory to have it enabled by default. What’s wrong with pushing updates? You get the regular ones automatically or at least you should.

not needed. like chiron said anything run will be checked in the cloud so theres no need for another module doing the same thing.

But it’s not doing the same thing. If implemented correctly, it could negate a lot of the cloud lookups.

Why would you want to negate the cloud lookups? To me the cloud is definitely better than streaming updates.

What I mean it that it would make some cloud lookups not happen since there already was a signature present in the db from a streaming update. This could improve overall performance. I didn’t mean to completely forego the cloud feature. There is a place for both in my opinion. Other vendors are employing both features and it works very well.

In the way I am thinking about pushing updates, I mean that the comodo servers initiate a session with you without you asking for it and that is nothing that should be enabled by default, if streaming is to occur then at least it must be started by the program on your computer, but I really don’t see the point since cloud look-up would save data since it’s one look-up and one result whereas streaming would continiously stream data and would require an open connection to comodo servers.

There would be no constant streaming but rather more like what you don’t seem to like. A connection established only when necessary to download small incremental DB updates. I see nothing wrong with that. Norton has been doing it for years with their pulse updates and Avast also does it as a part of their cloud service. It is something you could disable but it’s beyond me why anyone would want to.

+1 Voted NO

Also voted No, unnecessary for this product.
If was a standalone av only then maybe.

The thing is, for them to be able to push updates to you without your computer requesting updates, then you would either have to a) forward ports or b) have an open connection at all times, I for one do not want to have Comodo be able to make a connection whenever they please and would rather have my program ask for an update.
Both a) and b) pose a security risk in my opinion.

You have the cloud. It identifies threats through CIMA.

I don't understand why this would be needed. All running applications are automatically checked against the cloud anyway. Thus, the signatures for malware which tries to run on your computer should already be effectively as up-to-date as possible.

So you’re concerned about a security risk from the very company who is providing the security? That sounds really paranoid to me. Why use a product if you don’t trust it?

i would prefer it to be optional actually

and i think and or assuming what SanyaIV is talking about is there will be a port always open that how i understand it

i do have a few questions

first how does the streaming update installs justcurious since the update process seems to be long

second how will it affect peoples with limited bandwith or using dial up or bad internet connections

i dont really know much how it will work or affect whether the cache builder be run very frequently to clear out things , also curious whether comodo server can handle it

I think the whole updating procedure would have to be modified to accept such small incremental updates. You’re right that the current updating mechanism does seem to take too long and downloads too much. It’s very “clunky” in my opinion. Ideally, a small streaming update would just append itself to the existing database and take very little time. The streaming update data would also be cleared by the next regular update that would of course include the signatures that had been streamed plus others that weren’t as important. It should be able to be handled on Comodo’s end by the cloud servers but maybe some changes would have to be made. I don’t know much about the technical side of it but I stand by my opinion that it would enhance security and overall performance of the suite. As I said before, Avast does it and it’s the main thing I miss since coming back to Comodo. Norton has also been doing it for years.

Everyone here seems to have a big problem with the redundancy of this system to the current implementation of the cloud, but I fear some of these reactions have fallen into the trap of what’s “needed,” in fact, the trap was laid in the original post.

Regardless of what is or isn’t “needed,” streaming updates would improve security. So…


Another potential, and not mutually exclusive, implementation would be to complete local signature database whenever the cloud database is called, according to what the local database is lacking. I bring this up as a matter of balancing server load and signature delivery. Though, I say this with no concept of how much more or less load this would cause than streaming updates.

That statement is invalid because there isn’t a security risk in the current iteration of CIS hence I have nothing to be paranoid about and hence I don’t use a product I don’t trust as you seem to be implying.

The reason I don’t think it’s a good idea is because I can only think of three ways this would work in a technical way:

  1. You open a port for Comodo to push updates to you, downside is that this can be exploited by others.

  2. You initiate a contact with the Comodo Servers upon starting CIS and then maintain this connection until shutdown, problem here is that in order to maintain a connection, packets must be sent back and forward otherwise the connection will be lost so there would be a kind of “ping” packet going through every so often and at the same time also asks whether there are updates or not. This is also a problem because that would be useless junk traffic (which could slow down the internet for people that doesn’t have that great internet connection and it would also require constant CPU access) that isn’t needed because of the cloud which will still give you the same end results without all of that pinging back and forth.

  3. Similar to “2)” but instead oh having a constant connection it just does similar update check to the normal update check, but does this every few seconds.

Basically 1) would be a security risk and 2) & 3) would just generate loads of traffic that isn’t useful and this would also affect users who have a set data rate etc.

Edit: I also don’t see how this would increase security because in the same way that a new hash might have been learned through the streaming, it would also have been learned when doing a cloud lookup, hence they offer the same actual security. And the performance is debatable since you can compare loads of traffic spread out over usage versus waiting a tiny bit of time for cloud lookup to complete.

Then you also have to think about the performance of the servers which now on demand gives updates and look things up, instead of constantly streaming to what, millions of people?

At the moment there does appear to be a security risk in the virtual kiosk.
Keyloggers able to sneak by the firewall and the av not working correctly in this environment.
Seems pretty major to me and hopefully it will be fixed soon as i dont trust the virtual area at the moment. :-\