How useful is CVE now that Firefox has built in authentication (Verisign)? Or would people consider the CVE now as just an additional layer of defence, like having a second malware scanner? Are there any real advantages to using CVE, other than fondness for or familiarity with the software?
Thanks, it was a genuine question, although after reading it it may have seemed like a criticism. I am genuinely curious as to how much safer I am with CVE installed compared to just using Firefox 3.6’s built in protection. Forgive the insensitivity, because I wasn’t in any way implying any VeriSign superiority
Yes, it’s the ‘Green Bar’ that shows beside/next to the browser’s address field when you land on any site with a certificate. Clicking the green bar pops up info about the site and you can click a button for cert information as well. Hovering over the gold lock also produces a tooltip which confirms verification. Okay, not as in yer face and flashy as Comodo VE’s big lock (which I like actually) but just wanted to know whether VE was actually redundant or not in FF 3.6.
I don’t know a great deal about these things, so that’s why I asked. Great support forum.
I feel VEngine is still very relevant, even though I do use whatever is latest Firefox.
It is nice that the browser is more evident in displaying the colored connection status, as opposed to just the presence or lack of the padlock and the letter s.
Nicer still that they show a difference between simply the presence of an encrypted connection ie. Blue bar
DV cert. (the equivalent of the padlock and s)
And an encrypted connection with a verified to be known entity Green bar, EV cert sites.
All well and good improvements.
That draw more attention to the various levels of trust/certification.
The question then is what about all the sites where they are too cheap or simply can’t afford the EV certification? That’s a lot of the web, would be my guess.
My own bloody bank only has a OV cert. Blue bar.
Solution VEngine, browser independent second opinion that what I see is what I get.
Then the second question for me is, in today’s website/server/web browser, security/insecurity/flaw and never ending “new exploit” discovered environment.
Do I very much appreciate the warm fuzzy feeling of a browser independent second opinion on all mission critical (involving cash/id) sites? regardless they be Grey,Blue,Green,Plaid.
[...] I very much appreciate the warm fuzzy feeling of a browser independent second opinion [...]
Okay, so in your opinion it’s a case of CVE adding an extra layer of protection, which provides you with a ‘double-check’ if you like - which is probably a good enough reason to keep CVE installed for many. Fair enough.
That said, if you trust the FF 3.6 built in Identity Verification you may consider the duplication of function OTT, and therefore consider CVE redundant. So, apart from the ‘double-check’, does CVE offer anything else in the way of unique features?
CVE authenticates non-secure links as well.
Example: hover over the “Philly dot com” logo on the top of www.philly.com and you will see the green outline and the “authenticated by Comodo” text at the top of the screen.
The Vengine is not a malware scanner by any means and it was never intended to be
The purpose of this Add-On is to confirm that you are dealing with the site you want to deal with currently (at this very moment) and that it is not a fake site in this respect only, which is quite good and helpful enough.
There are other layers of security that will scan the sites you are going to visit in order to identify whether there is a malicious code
There are real-time ones like Finjan or there are off-line ones as Dr. Web or Comodo’s
Site Inspector…, etc.
None of the existing layers are giving you 100% proof, all have many FPs as usual
The community rankings given by services like WOT or Comodo’s Threatcast are much much less reliable.
Yes, I wanted to try this as it sounded really useful, but when I got to the point of what browser I was using, and only IE was avaliable as a selection, I killed the install. Might it make a difference in that I am also using Windows 7 64-bit for my OS?
IE actually is the most unsafe browser anyway .
Many users do like it though and are using it ??? That is their choice
But win 7 brings it’s own problems as a whole and x64 in particular
x64 is pretty much not ready platform. It still brings many problems & questions
Say, you need to use and explicitly call IE 32bit if you want to Flash
You have to install and maintain both version of Java
You cannot have Media player 64bit as a default player when you double-click on media since MS blocked that and you need special “Registry Trick” for that… and so on and so forth…
I am not using win 7, but I do have it (x64 )
The system is not up to shape. Shame on MS… but that is different story
The thing is - I can try installing VE there, so you can do as well and test … but…
Can the developers eventually answer this question asked long ago, so we (all users ) are aware of what to expect
Summary (how I understood): upon start of IE on administrator user account admin privileges are dropped automatically for IE process hence any code which would try to modify critical system areas would get “access denied” (unless it would elevate privileges by special technique and additional step – another story).
FF, for example, does not have similar feature (afaik).
Yes, those introduced modes are increasing IE security, and as I said many users rely on that and they like IE. I am not about the propaganda: “stop using it”.
That was not the main point I was actually just briefly commented on what OP said “person doesn’t (won’t) use Internet Exploder”
Unfortunately this is not the tread to discuss this matter, but still despite the mentioned modes and UAC (how many users are disabling it? …since there is ActiveX in use you can escape “that” protection. Many & the latest MS patches for IE openly saying about “taking over”.
I do run IE sometimes but I am still using dropping rights in addition (still most likely not enough)
But anyway returning to the topic of this thread I was glad to see beloved green borders in both IEs on win 7 x64…
… cannot have that on XP for some obscure reason
You know it gets frustrating to this of us who want to get away from be locked into M$ and the excessive costs. However, when it comes to OS’es, there isn’t really a lot for us to chose from. But it would help if products like Comodo has would support no M$ programs, I.E. non-Internet Explorer and non-Outlook. Especially to thse of us on fixed incomes, it gets hard keeping current with M$ products. (:AGY)
and then I am not a user of the Opera but I think that will be supported pretty soon … Folks, who are using it will add to that
p.s. but if we are talking seriously about “us on fixed incomes” why in sober mid use Windows when there is so many free flavours of Linux with unbelievable amount of free Software out “of the box” that you never even dream of having from M$
There is no way you cannot do any imaginable work you want using Linux for free
The quality & flexibility of that Software in many cases is better than MS or Adobe or alike can provide. …
Well and from the security point of view you cannot compare winDOS to Linux as it currently stands