Trusted vendor names look suspicious

Looking through the trusted software vendors, some of them look odd to me. Here are few names, tell me if they look reputable because to me they don’t. what do these companies do and how do we know if we have software installed by any of them?

12 Ghosts Inc.
15 million Elephants
Active Crypt Software
bold software, LLC
Dad-PC
Data Access Inc.
Peering Portal corp.

and countless others that can’t even be pronounced.

stop being ignorant, you can’t judge by name

You aren’t the only one who is upset about the TVL…check these links:

https://forums.Comodo.com/empty-t67291.0.html - TVL VS signed malware
https://forums.Comodo.com/empty-t67932.0.html - The vendors should be well checked before entering the CIS’s TVL !

Or do a search for “TVL” or “trusted vendor list”.

Personally, I put D+ in paranoid mode so it wouldn’t use the TVL. :stuck_out_tongue:

You are partly right, but sometimes strange names = strange companies…and unimaginative malware programmers.

They could be foreign companies.
I think that there should be a prompt if a vendor on the TVL is accessed for the first time, saying if you trust the vendor. That would help everyone. :slight_smile:

You can’t deny they sound weird, it’s not ignorance. ;D

when i saw the vendors request thread and how easy any companies get included in the TVL, im scared. i can create a fake website of a fake company, and ask to be included in the TVL, and i will be…

In principle no, softwares have to be digitally signed > see : Overview - Trusted Vendors - Comodo Internet Security

check this:

and this:

http://techblog.avira.com/2011/02/21/malware-signed-with-fake-avira-certificate/en/

I say “in principle”. I’m no expert, so I don’t know if Comodo’s Application Form for software developpers ( Comodo Internet Security | Trusted Vendor List Sign Up) is rigorous enough to prevent fake certificate of legit software

I too dislike the TVL in CIS. I had rather it contains just the necessary stuff to allow the computer to run properly and receive a prompt from CIS when I download a software asking me to check with Comodo if it is a genuine signed one.

dont take it for you ^^ (it was not my goal). i even put it in a topic, so people can have an idea that nothing is safe in security^^

agree with you for the TVL.

No problem, i didn’t take it for me.

If you read the link I provided in last reply, you’ll see the TVL is some sort of adertising for Comodo to sell certificate. It does’nt too much wory me if Comodo tries to make money that way provided they double check for the security issue you raised.

me too, comodo is a company, they must have incomes to continue delivers a good CIS, but at least we must have the choice to use the TVL or not.

but at least we must have the choice to use the TVL or not.
also at least comodo lgives us the chance to rifle through the TVL unlike other ones out there. :) privatefirewall doesn't count because it's very tiny

it is why i still use it, when the TVL part will be redesigned to be more easily tweaked, i think most of the complains will disappears.

I don’t see what ignorance has to do with it. We have the right to be cautious about what we let on our PCs. I see thousands of names but have no idea what programs or types of files. I should just trust them because Comodo says they’re safe?

The option is to set D+ to Paranoid mode. This way, the TVL is never referenced. The downside to this is that YOU will need to make all decisions on all apps. Unfortunately, until Comodo come up with a user definable, locally managed TVL, the choices appear to be Trust All (on the TVL) or Trust None.

A hard chioce, but ultimately your decision, as it’s your system and your security.

Hopefully, they will come up with a better alternative.

Cheers,
Ewen :slight_smile:

+1 :wink:

I didn’t know that TVL could be bypassed.

Only by Paranoid mode