I guess it is still uncertain if those who install many new unknown application on a weekly basis are average users whenever their habits could likely make them vulnerable to infections.
Though I wonder how advanced have to be those CIS users who ATM leverage on the color-coded severity level of alerts or if there would be someone who will fail to notice when alerts explicitly mention malware.
Hopefully the masses will know at least how to update their systems (including the AV) because it would not be possible to lower the baseline further…
Not sure what they would supposed to do with scam and phishing attempts either but hopefully with the increase of computational power and progress in Artificial Intelligence they could have their PC address such threats, and before long also delegate all sorts of tasks to their PC until they wouldn’t have to take the effort to decide either.
Indeed in years to come it is likely there would be no need for driving licenses too as unmanned cars will handle from route planning to refueling operations, carrying passengers around…
Symantec is really crapping there pants IMO. I think they ordered a lot of reviews of Norton 2010 BETA and now internet magazines are littered with Nortons “awesomness”
Norton IS awesome and because of my recent experiences with the overly aggressive D+ component of CIS, I am seriously considering going back to Norton. The only acceptable setting for D+ is Clean PC. I just lost a DVD I was attempting to make because D+ on safe mode popped up an alert about DVD Flick starting up one of it’s components and I wasn’t at the machine so the authoring process was shut down and aborted. This is not good behavior by CIS. On Clean PC it probably would not have done that. Don’t tell me what configurations will work either. The point is, I shouldn’t have to do anything to make a known safe program work.
which is why my idea is really the only way to go with if comodo really wants to become top dog. They will never achieve that if they can’t make is super user friendly. Melih can say that he wants to provide security for everyone but as I see it now comodo will never do that unless something is done to implement something along “cloud decisions” as I like to call it. And no, a white list is not the same because there are tons of programs that will never be on the white list that are still perfectly safe.
Hey Melih maybe you can give me a response to my idea and talk with the development team about how something like this could be implemented. All of the things are there, you just have to have comodo check the servers for a rating. I think it could be done without have to do tons of hard work.
Guess there are countless people out there who have been lead to believe that installing AVs was the only effort they needed to be secure whereas popular belief drifted toward an idealized AV-like approach and an oversimplified safe application representation.
Even the now deprecated Trusted Computing was supposedly meant to bring forth a default allow for “allowed” softwares whereas by design users could implicitly trust whatever they could be allowed to run.
After many years of AVs (and Default Allow) as an established approach to security, any effort other than a single click is extremely discouraging.
I often wonder if in the long term this would be more damaging than Conficker ever was, whereas even novices often rapidly abide to the ongoing perception (if they were not like that already, long before they actually bought their first PC) :-La
i think both Melih, the Defense+ is a powerful thing, but too agressive for moms and dads that dont know anything about PC’s.
Comodo is a great free company, and the AV will be better in the future i dont doubt that. But its still in the beginning fase (1-2 years?).
But you also can say,
How many Comodo Users are there
and how many Symantec users are there??
because i think Symantec has more users then comodo.
But ofcourse i like comodo, only the AV needs work imo i dont know anything about programming so complaining is easy for me :P, but comodo has great potential.
Symantec achieve a lot with their 2009 line products.They are very light ,user friendly Imo,and still have some little tweaks for advanced users(especially the suite).
In fact if it wasn’t the ask toolbar incident regarding them i would had been very close to buy the suite(i already haveNorton 2009 free license from a giveaway).
Considering that there are very many combinations of free software that you can install and achieve very good protection ,even support like(avira or avast,or avg)+(comodo or outpost free,or online armor)+other apps like sandboxie,threat fire.
So if during these not so friendly economic times,someone wants my money for a security product,i would especially demand a lot from it.
What i would expect from CIS in order to consider buying it :No Toolbars even during the installation ,user friendly GUI(the current one is not IMO),i am satisfied with forum support,no pop-ups if i would install D+,the antivirus has to very good at detecting 0 day threats.I don’t care if the AV has 10 milion signatures for yesterday’s malware,if it can’t block any of the 0 day malware,and yes i am considering that the AV should be the main component of defense.
And of course no bugs.
This was my opinion.
There are over 18million users of Comodo products. I would be more than happy to look at the percentage ratio of infection of Norton users who got infected with confiker vs comodo users who got infected. The point is Detection can no longer be your first line of defense and claim to have security.
The days of 1980s technology of scanners that checks for signatures is gone. Even symantec admits that while still selling you their AV
You’re talking like Symantec’s only layer of security is the AV. This is simply not true. They have an excellent firewall which is also smart enough to stay out of your face and they have very good intrusion prevention and behavior blocking. The heuristics are top notch and you never get a false positive. I would rate their level of security as almost equal to Comodo’s but far more user friendly. The features they are adding and beefing up in the 2010 version will only enhance an already fine product. Ten years of using Symantec products gave me zero infections or successful intrusion attempts. The thing that makes Comodo stronger is the D+ component but you pay such a high price in ease of use that the advantage is pretty much negated. As I said, Clean PC mode offers the greatest level of usability for me but I keep getting the same files over and over again in the pending list even though I have previously added them to my safe files list. This is something that should be addressed along with greatly expanding the list of trusted vendors. In my opinion, there is no need for the Paranoid mode of D+ and even Safe Mode is too aggressive. Many many people would gladly pay for Symantec rather than wade through a sea of D+ alerts. This is the challenge that Comodo faces.
I guess many people won’t actually care about security if they can be lead to believe they don’t have to put any effort to it other than a single click.
Whenever people still prefer default allow, lack of security awareness often produce results that don’t affect single individuals but countless people.
Too often ease of use complaints actually leverage on the desire that security isn’t something to be aware of or be responsible of but something to be completely delegated , usually to a piece of paid software.
And whenever a software may be more aware than the people who use it, for sure it takes no responsibility.
Security absolutely should be delegated to your security software. Otherwise, what good is it? I also am not concerned with or interested in ratings reports from anyone. I read them but never take any of them as being carved in stone accurate. Not recommended by paranoid people means nothing to me.
Thanks for your comment as it made me aware I missed to add a “completely” in my previous post.
Between absolutely and totally there is a great difference whereas it is not actually possible to delegate everything.
Nevertheless like reading skills, what good is it would supposedly be something that can be acknowledged making use of them, after some initial effort, whenever it would be possible to totally delegate reading to some hired butler for an entire lifetime.
And there is much to security that do not actually require much effort either.
Indeed, whatever anybody would like to call them, some complaints overly generalizing CIS usability are not carved in stone either.
Not sure if the “Not recommended” result of NIS 2009 could actually warrant that “paranoid” remark in the above quote nevertheless matousec are security researchers for sure…
The previous report by Matousec had Symantec in the recommended bracket with the same version of the product. I’m not sure what caused the drop since the program itself obviously didn’t change. Maybe the testing has been ramped up but Symantec is also ramping up their software in the 2010 version so let’s wait and see how that one does.
A good sense of what i should download and what not :P, of it its the wrong choice the AV that i have on that moment hopefully will stop it. (i often run beta’s on my PC so its each time different which AV i have :P).
and what i said before, Comodo is a good suite (i only dont like the AV much yet but that can be different in the future.), but too agressive for the average user and i think you meant Defense+ as your first line of protection?
Thats why i dont installed Comodo on my mom and dads computer. They already dont like the UAC so Comodo wouldnt only irritate them :P.
And Melih if im wrong with the First line of defense, what should be the First line in your opinion?
It may as well be that Symantec was not interested in matousec reports as [url=http://www.matousec.com/projects/proactive-security-challenge/results.php#vendors-responses]there is not a single response from them in the corresponding section[/url] featuring responses from AVG, Bitdefender and AVG among others.
I’ve read today Melih’s article (better late than never) and I must say that I agree with it “to the letter” !!!
In the past I had the mentality or the way of thinking just like Symantec but after paying for top security solutions like Kaspersky, BitDefender and McAfee and still have problems with viruses and trojans I decided one day to give a try to a free security product wich was Avast at that time. I’ve used that product for almost a year with no problem but then I got into trouble with a virus or trojan called Vundo. Avast couldn’t cure it at the time so in my dissapointment I switched again to paid protection (McAfee as it was the best in my opinion from the three I’ve mentioned above).
But one day after having trouble with a virus/trojan and doin’ some googleing to find out if there is a better security software out there, I found some security issues related videos on YouTube and some of them were about Melih and his “Default-Deny” theory.
So I thought about it and it totally made sense to me !!!
And that’s how I found Comodo Internet Security !!!
Almost two months since I use CIS without a problem and I must say I’m very impressed about this product and the way it gives you knowledge about every security aspect in your pc, especially with “Defense+” module when you install any kind of software on your pc !
So thank you Melih for your inovative and unique theory about security and groundbreaking security product !!!
Oh, and also THANK YOU for proving to the “Rich-■■■ Corporate Bastards” that if you have kindness and consideration you can achieve great things in this world today !!!
I consider CIS to be one of those “great things” and hope for even more !!!
P.S. Hope I’ve made myself clear (english is not my native language) !!
Here is the secruity layer you shoudl employ (in order)
Prevention (First line of defense)
Detection
Cure
Prevention is a technology like D+ (you can always set in a parental control mode to achieve zero popup)
Detection is your second line of defense and is mainly used to make Prevention less chatty (eg: no point of giving a popup for a known malware etc)
Cure is backup of all your data just in case
i dont know anything about programming so complaining is easy for me :P, but comodo has great potential.