Threatcast - Option or Permanent Addition to Comodo Firewall

IMHO Threatcast is a good interim solution, but farther down the line a different approach should be taken. For those who are power users and want control, the current CFP is fine already as is. I’m not sure how many power users would actually use Threatcast much; most power users would probably prefer their own judgement over a Threatcast recommendation in most cases. Having Threatcast wouldn’t hurt though, as long as the power user has the final say on what choice to make in an alert.

On the other hand, for the masses, I believe the best solution is to adopt the antivirus paradigm - keep quiet unless it’s reasonably certain that malware is present. This could be achieved by having a local pattern recognition system for malicious behavior, similar to that of ThreatFire. The masses, IMHO, do not want to be bothered by alerts at all, unless malware really is present. This system could be made even better than ThreatFire’s system by sending to Comodo, when and if enough data has been collected, a determination that a program has been classified by the local pattern recognition system as good or bad. CFP would contact this database when executing an unknown program, and thus spare the user from running a program that has been determined to be bad on other users’ machines. CFP would also have the ability to roll back changes made by malware, much as ThreatFire apparently can. Some changes though, such as sending of sensitive data to hackers, cannot be rolled back; that’s why I recommended that Comodo’s servers be contacted before an unknown program is executed, to prevent execution of the malware in the first place.

To sum up, IMHO CFP should have a setting to allow for fine-grained control to satisfy power users, and also a setting to operate in a very quiet mode for the average user.

Time: We will sync the whitelist and (surprise surprise) the blacklist we have with TC very soon guys… :slight_smile:

Melih

MrBrian, you are describing Prevx. :slight_smile:
And I don’t know how much of that is TF also (I used Prevx1 extensively, while CyberHawk/ThreatFire not so much).

I used to use PrevX also. PrevX collects behavior data and sends it to PrevX servers. The analysis is done on PrevX servers. (Correct?) What I suggested in my last post, however, is that CFP do the analysis on the client, as ThreatFire does - but with the addition of sending the determination of good or bad to Comodo servers. Kind of like combining the best of PrevX and ThreatFire :).

Yes, that is how Prevx works; much of the actual anti-malware work is done at the central server, while the clients offer a cut-down behavioural/signature protection.

Comodo’s database will undoubtedly grow much bigger, but at present it’s small in comparison to Prevx. I run Prevx alongside defence+ (very smoothly) and get 20 ‘unknown file’ notifications from D+ to every 1 from Prevx. Obviously Comodo will increase its database exponentially given time to a similar level, I just hope that Threatcast isn’t released generally until that stage or it may well put off many users faced with a barrage of pop ups. It’d be a shame if that happened because, in principle, Threatcast is a very good idea.

Hi Melih.

Are you able to elaborate on that without giving away any trade secrets? :wink:

Greetings Mr. panic!
Given that maybe bad companies can change into good companies, is it not possible for good companies to change into bad companies?
If previous statement is true, how does Comodo verify the integrity of this trusted software database of over one million apps?

Hello Mr. floyd,

Probably the same way that other security software companies confirm their blacklist or their whitelist (depending on their philosophy). I don’t know for certain, I don’t work for Comodo, but I would imagine they would use multiple methods, possibly encompassing, but probably not limited to, hashing, code analysis, code segmenting, signature identification.

I don’t imagine they’re going to let that sort of information loose, same as any other security software wouldn’t.

Cheers,
Ewen :slight_smile:

Thank you for such a complete and astonishingly fast response, Mr. panic!

BTW, it is Floyd, not “floyd”. :wink:
;D :slight_smile:

Cheers!
Floyd.

NP.

BTW, I’m only used to being called “Mr.” if it’s immediately followed by “you’re making a scene”. :wink:

lol, some apparently took offense to my use of words such as “buddy” so I was just trying to play it safe and be politically correct!
Thanks, panic.
Sorry for this one more off-topic post, I will try hard to do better in future!

Floyd.

Actually running this build on XP Pro SP3 5508,
no prob for the moment. I’m testing the new way of alerts;
most of the progs I use are not rated, but I don’t know if this new option is active or if it’s just to show the next option that will be integrated into the public release build.
Anyway, with a list of all progs used by so many people tagged safe, it will be nice when Comodo auto-recognizes apps and allows them in the rules.
It’s the first time I have tested a Comodo beta.
This one works fine and it’s cool to allow people to use betas.
But I have nothing very concrete to say about it, just that it works fine.
No speed troubles, no bugs in the UI.
It would be nice if we could resolve IPs, and see processes active on the network even if they’re not connected to an endpoint.
I could give it a try with Vista on the desktop.
The desktop is a testing machine; I run all betas of the progs I use, but the laptop is not allowed to become a testing machine, I try to keep it trouble-free. It’s a young machine, 2 months old.
So if the desktop gets into trouble, you still have a working machine…

Partially it is done locally (heuristics, behavior blocking) and the rest is done on the servers.
There’s a post on Castlecops Prevx’s forum that explains the process.
I’m pretty sure TF does something like this too.
A program like this can’t possibly do everything locally.

Sure…

ajkljdklfjakudroieuqoifh;laskdhg;kjasdyruiwqeyropiqhwefjhasjkdhg;jakshropuwjasdkljflkadsjfkhadsjkghyuieqyrituyeqifunvueyoitrye683476bv23b4n276nxm34756bcvn7289xmc34276 b5c71832mxn7328456c0bncvnqw7n0rcqw9076evb 807ew nbv034n v903w7nbv908qnmnc834c9085m32q09x6230458c7-34bnv63429-nmcx3278n45-v324-59cm-n3457nc23847n589-2374n5c-8234c0n5mx3275c8q-347n5cv92-m892-92347m5c283434759m8-34v9-8n4273-cm234x345vbnurehfjsa;kdh;gayeoiaeropiyt934875vn-934n5v34nc5834297xm-3475nv29-3475n8c93549xm342n75c234m5c34

PS: it’s encrypted! :slight_smile:

Melih

Why is Ganda’s native alien name in there ???

How soon? :o

Do you have a date? ;D

Josh.

(:LGH) I guess I walked into that one haha, I spent 10 hours today decrypting that only to discover it’s Melih’s shopping list!

not yet…

Melih

I stopped using the Threatcast version when I saw around 50%+ users had not approved of Opera.exe. :slight_smile: