Unsigned applications in whitelist

siketa · January 11, 2011, 1:57pm

Hi, guys!

Is there any chance that unsigned application can become trusted permanently so we don’t have to submit each new version?
There are lots of apps which are updated very often and Comodo, as far as I know, still doesn’t have a mechanism to recognize new version as safe.
Now, we users have to send links for new versions every now and then which is kind of annoying.

How other vendors maintain their whitelist?
Can’t you make or use some kind of application (like Filehippo Update Checker) that will regularly check for new versions and will update the whitelist?

Thank You and best regards.

Chiron494 · January 12, 2011, 4:16am

+1, although I’m not sure how this can be done without becoming a major vulnerability. If possible though, it would be very useful.

Does anyone have an idea how this could be done safely?

Jacob · January 12, 2011, 5:12am

The way i understand CIS workings; this will be difficult to do; unless we have a threatcast (again) where we users can decided if application is safe, and once we click ‘safe’ its automatically submitted to Comodo’s lab for analysis and addition to the whitelist.

This is the only ‘affective’ way that Comodo could make it happen…

After a number of votes it’s automatically assumed safe with no ‘bad’ votes thus will be automatically added so future users don’t get a pop up

Just my .000000002 cents

Jake

wj32 · January 12, 2011, 5:20am

I don’t think this is possible. If a file is unsigned, the only usable identifier is the hash, which will obviously change between versions.

Chiron494 · January 12, 2011, 5:23am

The only possibility I can think of is some sort of option that would allow you to trust it based entirely on name and location, in addition to the fact it was previously trusted. The problem with this approach is obvious.

siketa · January 12, 2011, 1:45pm

OK, but how other vendors maintain their whitelist with new versions of unsigned applications?
Do they also receive users feedback?
Do they have a team whose only purpose is to search and analyze new versions?
Do they use some other procedure, not mentioned here?

Jacob · January 12, 2011, 8:07pm

Comodo is begining to get their name out
Soon, the dev’s of the software should be coming here and submitting them or Comodo create an email that they can email the hash and file

Jake

languy99 · January 12, 2011, 9:27pm

Other vendors just rely on the digital signature. Unlike comodo that does file signature or hash if it is unsigned.

Also remember most other vendors are default allow, so unsigned files are allowed to run and they will watch behaviors of the file.

In my opinion comodo has to have one of the biggest white lists ( hash ) compared to anyone else. think about other apps that use HIPS and how many pop ups you get from those compared to this version of comodo.