The Art of Denial - pls tell us what you think of this article. thank you!

http://blogs.comodo.com/pc-security/computer-protection/the-art-of-denial/

As a person that doesn’t take too much interest in reading, I must say i found this article intriguing enough to read it all. Thumbs up to the Author.

And 80 Million apps in white list, nice ;D :-TU

Nice article. Lots of good arguments.

But, the future is virtual.
Layer 1: Windows OS
Layer 2: Virtual Container completely isolated from windows, where all programs and drivers are installed, without touching the system, easily killable processes and snapshot-restore to original state or last snapshot taken feature, where every new installed program is in it’s own container, not touching anything else, free to play and read-only use OS resources and write changes to it’s container only, not OS.

Default Deny might be a little bit challenging to users who just click next, next, next without looking into last Windows Update, AV Update, scanning etc…

For the time being, having automatic BB like Norton Sonar, automatic firewall like Avast, Sandbox like Sandboxie and automatic HIPS like Comodo all in one, with option to be chatty for computer savvy folks who like absolute control like “Are you sure you want to move your mouse, Yes or No?” is the way to go for now… Until there is another Stuxnet, Flame or whatever…

Nice read, thanks for linking boss :-TU

What can I say? I knew it already and that’s why I use Comodo :slight_smile:

My big question is coming to mind when i read that:

HOW does the comodo whitelist on my computer get updated? (Especially, cleaned from bad examples).
From time to time i run a “search for updates” under “More”.

That is the only “update” function in place. And each time it says: Up to date.

I got no specific answer to that question.

I was under the impression that it was through the cloud functions. In other words each time a new file is run it checks the cloud to see whether it is whitelisted, blacklisted, or unknown. If whitelisted the file is added to the trusted files list.

That said, perhaps there are other methods by which this is done as well.

That would mean, people who use comodo
defense+, firewall, without cloud,
are having a non updated version of the whitelist until next installation.

I think, for any version (which provides “safe mode” as a chooseable setting) should be an obvious way at hand to update that list.

That might prove a rather large DL for people on a slow dial up connection. Best to simply leave the cloud turned on.
You never need updates but are always kept up to date.

Thanks Melih and David, it is good reading.
We might be surprised of how many casual users still don’t realise that an AV alone just isn’t enough these days.
Never cease spreading the word.

That’s a nice and comprehensive description for every day computer users. It sums up what the situation is. :-TU

I need a button :slight_smile:

I dont want to send into the internet whenever i double click an exe.
It reminds me on chatty compulsive status news:
“I just double clicked!”

No, really, there should be a way to update such an essential part of a security software, like a whitelist, for everyone who desires to have an update.

Interesting article and some very interesting comments.

I used to work in large IBM mainframe system security (before I retired to live on my sailboat in Greece 8)) and we faced this same issue all the time, namely; there is a trade-off between ease of use and security. In the PC world most users don’t want to be bothered by security, it’s not that they are “bothered by not having full admin access” as the article implies, it’s that they just want everything to work transparently and stay secure.

My wife is a good example of most PC users, she wants to switch it on and have it work the same way today that it did yesterday, she even gets annoyed when an Adobe Flash update “gets in the way” of her expected experience. Asking her to take any sort of control over the security of her PC is like asking her to service the engine on our boat - she just doesn’t want to know. She doesn’t know what “administrator mode” even is, so she doesn’t know she isn’t one on her PC :wink: it just works, and that’s what she wants.

I run CIS on both our PCs because I believe Comodo has the best approach and that the whitelist and cloud scanning of unknown files is the best way to stay safe without too much “interference”. Thanks Comodo!