The Future of Computer Security

Actually, no, most AVs don’t do anything like this; they are reactive, rather than proactive. That is, they are designed only to respond to a known infection (ie, a “cure”), rather than to stop an infectible from getting a foothold in the first place (ie, a “prevention”).

Although it’s not exactly the same, v3 does provide protection for startup items, given that it will alert to ANY attempted change. It will give the user an alert that “item x” is trying to access/modify/whatever registry key z, or any other application, system file, etc. Further, you have the option to define some registry keys, files, etc as “protected” and set how you want them to be protected. So you can stop, block, and kill any attempted change without even blinking…

LM

Will computer users need anything more than CPF 3 stable and CAVS 3 stable? Will the only remaining main threat be personal lack of awareness?

Opinions?

There will always be something…no matter how superior both products will turn out to be. Time and testing are the best answers to your question. You can intentionally browse forbidden (:LOV) sites and install nasties to see what happens…

Just as we all know 100% security software doesn’t really exist, unless there’s a backup program (or even a different online scanner) to confirm your computer’s health, how would you know that CFP & CAVS are doing their job? I do, however, believe (since trust is a key word here) that both of them will raise the percentage close to that 3-digit number.

I guess you’re right. It was just a nocturnal thought that I had.

I can’t help wondering, how we can possibly get swindled, when doing banking matters and e-commerce:

With my bank I log in with a unique code every time, generated by a “keygen”, so to speak. This should be secure. But when shopping online, I use a virtual bank card - it’s connected to my account but works only for one time, with a temporary credit card number. Then I have to create a new card for every transaction. This is great, because I never have to send my real card number over the internet. However, this login consists of only 5 signs, and it’s permanent (changeable though, and SSL encrypted). So if anyone could hijack my browser, they would get access to my virtual card, and be able to shop as much as they want to, with my bank account. Or does the encryption prohibit this?

/LA

MIM - Man In the Middle attacks are the way to defraud you in this scenario.

Scenario 1: You log on to your bank, but MIM is there negotiating everything between you and the bank, hence has access to everything and can instruct the bank to transfer money. It’s not just about stealing your details, all they want is the ability to have access to your bank account, even if it means they will piggyback on your login session.

Scenario 2: Dealing with a merchant: one of the biggest problems is how do you know the merchant is legitimate? The merchant could be MIM, hence getting details from you and using those details to buy something else from some other legitimate merchant. This way you think you are shopping with a legitimate place and providing your details, but this MIM is merely taking your details and using them.

Here is a statement: I can play chess against the world’s 2 top players and I can guarantee that I will never lose to both!

-I can either win one and lose one
-Or we draw
-I will never lose both games

So how do I do that?
Easy: I mount a MIM attack on them. I put them into two different rooms and I play one’s move against the other one! Both think they are playing against me, but in reality they are playing against each other!

Melih

Thanks for your reply.

But how is it possible to be a MIM, when the transferring of information is encrypted?

I suppose this is where the certification business comes in. But how should one know that the provider of certificates is trustworthy? After about 8 months of being a Comodo forum member I certainly do trust Comodo, but I don’t really know any other provider by name. What I can do then is to shop from either 100% well known sites, or sites in my home country which seem to be totally trustworthy - e.g. if they have a vast range of merchandise, if they are certified and use SSL encryption, if they have a registered corporate number, and so on.

/LA

Depends on where the encryption starts and where the MIM is going to interject itself. MIM could have interjected some malware or simply poisoned your DNS (there are many different techniques).

As to how to trust certification authorities, if we don’t do our job properly, then people won’t trust us, so we are motivated to get it right, otherwise we don’t get paid for it cos people won’t trust us and people won’t buy certificates from us.

Melih

Be careful what you are saying, I might take a bet with you on this. (:KWL) You need to be more specific - you must play with one player with black figures, and with the other with white figures, otherwise you will most definitely lose both, unless you are Bobby Fischer. (:WIN)

Goran

Seems the prediction “Prevention will be the first line of defense” has been tested positive (Scientific Terms)

Josh

Actually colours don’t matter…
You can play against one in one room and the other in the other room. As long as you then play one’s move against the other, colours don’t matter.

thanks
Melih

Phew that was one loooong chess move ;D.

LOL. Your plan comes unstuck if YOU have to have the first move in the first game.

Ewen :slight_smile:

That was a late response.

Only took you a year and-a-half :stuck_out_tongue:

Josh

!ot!
As a former Tutor & top player, You are incorrect. Move first, Move second. Doesn’t matter.

I loved chess from 2004-2007. Now I hate it and have fallen in love with Comodo.

Josh

Think again, grasshopper. You have two games, A and B, and in each game you have Opponent A and Opponent B.

Melih’s premise is based around Opponent A in game A making the opening move. Melih would then replicate this as the opening move in game B. Opponent B would then make his move in game B. Melih would replicate this move in game A as “his” response to Opponent A’s opening move. He is then acting as the man in the middle and each of the opponents is, in effect, playing the other, using the man in the middle as a proxy.

If the move order is any different, Melih’s premise fails.

Ewen :slight_smile:
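
The relay described in the post above, as an added example that is not part of the original thread: tic-tac-toe stands in for chess, and `first_free`, `centre_first` and `relay` are hypothetical names. The middleman never picks a move himself, so the two boards stay identical and his two results always mirror each other, which is also why a relayed login session looks valid to both endpoints.

```python
# Added illustration: tic-tac-toe stands in for chess; all names are hypothetical.
LINES = [(0, 1, 2), (3, 4, 5), (6, 7, 8), (0, 3, 6),
         (1, 4, 7), (2, 5, 8), (0, 4, 8), (2, 4, 6)]

def outcome(board):
    """Return 'X' or 'O' for a completed line, 'draw' if full, else None."""
    for a, b, c in LINES:
        if board[a] != " " and board[a] == board[b] == board[c]:
            return board[a]
    return "draw" if " " not in board else None

def first_free(board):
    """Weak player: takes the lowest-numbered empty square."""
    return board.index(" ")

def centre_first(board):
    """Stronger player: prefers the centre, then corners, then edges."""
    return next(sq for sq in (4, 0, 2, 6, 8, 1, 3, 5, 7) if board[sq] == " ")

def relay(opponent_a, opponent_b):
    """Opponent A opens game A as X; the middleman is O there and X in game B.
    Returns (middleman result vs A, middleman result vs B, boards identical)."""
    game_a, game_b = [" "] * 9, [" "] * 9
    while True:
        for mark, mover, own, other in (("X", opponent_a, game_a, game_b),
                                        ("O", opponent_b, game_b, game_a)):
            sq = mover(own)      # the real player decides in their own room
            own[sq] = mark
            other[sq] = mark     # the middleman replays it in the other room
            result = outcome(own)
            if result == "draw":
                return "draw", "draw", game_a == game_b
            if result == "X":    # A's moves beat B's moves
                return "loss", "win", game_a == game_b
            if result == "O":    # B's moves beat A's moves
                return "win", "loss", game_a == game_b

if __name__ == "__main__":
    for a, b in ((first_free, centre_first), (centre_first, first_free),
                 (centre_first, centre_first)):
        print(a.__name__, "vs", b.__name__, "->", relay(a, b))
```
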

They were warned months ago but just now found something.
Wondered how long they had been looking and if a continuing search had been going on?

Their description was “Light Years Ahead”

http://redtape.msnbc.com/2009/01/credit-card-hac.html

Wonder if there could be a Comodo Response Team that could be put in place, along with a Commercial Package that would include more thorough inspections and questioning, to ensure new Threats are discovered and eliminated as close to Instantly as possible but not months later.

UncleDoug

The way you explained was very nice. :-TU


Hi Melih, I’ve heard enough trash talk to last me for awhile, a considerable amount of the folks that miss the memory firewall as well as BOClean as stand alone… surely there has to be a spot to reinsert them?

turnorburn

At the moment we don’t have any plans to introduce either as a standalone, I am afraid. Both are in CIS.

thanks
Melih

Hello,

From the beginning, I want to emphasize that no one could explain better than
Melih the direction in which computer protection will go. I think there is no
product in this world to protect against Zero Day attacks, but the important
thing is the direction in which Internet Security Products are going to reach
this ideal and I think Comodo Internet Security is one of them (actually I am sure now :wink: ).

What I say is from my own experience after extensive testing of many products
based on classic AV (based on detection). I can say that in the last 6-7 years
of all the products tested by me (bitdefender, avast, avira, zone alarms, pctools,
avg, mcafee, symantec and kaspersky) none could provide me “peace”, not to
speak of a kind of “warranty” of protection against new malware appearing on
the market. For conventional products based on detection, what matters is either
a good base of signatures (which could mean many infected computers),
or a good infrastructure to detect new malware, so that the product is the best
on the market. But I think this is not enough at the present day. The only product
that impressed me was Kaspersky, but unfortunately it did not convince me. Therefore,
in the past three years I started using Comodo, as I was impressed by the defense+ module
(HIPS technology), and I realized that this is the right direction of computer
protection, but something was missing. The missing thing has been completed now
with the whitelist and the sandbox. This was the first thing that made me believe
I found the product which I’m looking for.
Most products have these modules as their components: Detection / Cleaning
and Prevention. Most classic AVs are based on Detection and Cleaning but
not so much on Prevention. What they offer in terms of prevention does
not cover the full range of new malware on the market. The second thing
which convinced me that I found the product which I’m looking for is how
the three modules are used:

  1. Prevention
  2. Detection
  3. Cleaning

I am aware that this technology is under development, but what matters is
that I found the product which can lead in the Future of Computer Security.

I cannot conclude without trying to answer the question: Is Comodo Internet
Security the way to Protection against Zero Day Attacks? I think YES and if
not yet, I’m sure it is the right direction!

Keep up the good work Comodo! :-TU

Best Regards,
Ovidiu