Well I guess they can do what they want. Here is a long of the whole conversation I had with them, just a fiy for you all.
BluePoint Security 6/24/2010 7:16:13 PM languy99 - Thank you for the offer but we won't likely ever release the malware downloader app to the public. The downloader also attempts to detect if the malware was able to execute, being sandboxed presents several issues. It may seem that we are avoiding testing that product, I can assure you we are not. In fact we had already setup the VM to test it and ran into a few issues and decisions to make regarding the settings that most products don't have, so we decided to hold off at that time.languy99 6/24/2010 7:14:37 PM
Well if that is how you feel, then my point is made, I made my point on my youtube page. I see people were right about you guys.BluePoint Security 6/24/2010 7:03:31 PM
We’ve just had dealings with Comodo users in the past and would like to escape the “expertise” and flamming of 15 year olds here, that’s not the purpose of the site. It’s a waste of all of our time. I’m not saying we won’t test it, just don’t come here to start trouble or your posts will be deleted. This site is meant to be a scientific way of testing products, without the opinions and flamming. Not directed at anyone specifically, but we’ve been through this in the past.languy99 6/24/2010 6:57:08 PM
If you don’t want to spend time on figuring out how it would work, provide me the testing software you use and I will spend the time figuring out how it should be approached while being fair. I don’t know if want to do that but seeings as you say you don’t have the time then that is the only option I see. Letting someone with more experience using comodo to check out the proper way in using the program. Have you tired selecting sandbox and letting it run to see if it does break the downloader, because the comodo sandbox is not a traditional sandbox.BluePoint Security 6/24/2010 6:44:20 PM
We have tried to stick to strictly default settings to keep things fair, with Comodo, that would be impossible. We’re not Comodo experts and have no reason to be, last I remember we would have a decision to make, sandbox or not sandbox. That decision may break the downloader all together as sand boxing has a tendency to do. There are a few factors that would need to be addressed. Unfortunately we don’t have huge amounts of time to put into testing new products as we have our own products to work on! Open to suggestions on the settings however.BluePoint Security 6/24/2010 6:40:44 PM
Since we seem to have so many Comodo users here, how would you suggest a fair test of the product? The other products we have tested are simple to install and test, Comodo will require us to either change settings or allow our downloader to run. Let’s put it this way, we don’t mind testing Comodo, we do mind the backlash we’ll likely receive any way we go about testing it due to configuration changes.BluePoint Security 6/24/2010 5:30:55 PM
Any product that uses those technologies should be able to easily prevent completely unknown malware. Whitelisting implemented properly will do it out of the box actually, of which there are several products using whitelisting out there. It’s not about brand guys, it’s about does the technology they are using make sense on the whiteboard. We’ve discussed which don’t and which do, brands are really irrelevant.BluePoint Security 6/24/2010 4:52:45 PM
We are certainly not here to make anyone look bad, Panda does fairly well in this test, we have no affiliation with them, in fact they are a competitor! Most of these products make themselves look bad by using 15 year old technology. Watch the live streams, you’ll see executable after executable running and destroying the VM’s. You’d think they work better than shown here, sadly, they don’t. Ask anyone who’s been to the repair shop if they had AV installed, most likely they did. Wiki the virus timeline, it’s been going on for a long long time.BluePoint Security 6/24/2010 4:49:24 PM
Ovidiu G. - Not sure I understand your point. BluePoint contains some of the methodologies you mentioned, AV, deny the unknown, whitelisting etc. We strongly believe prevention is key as you mentioned, in fact that’s our specialty!BluePoint Security 6/24/2010 4:31:29 PM
Comodo certainly has a fine forum for anyone interested in their products. We’re not really concerned with Comodo to be honest with you and they probably aren’t concerned with us. We have products in the enterprise and mobile space that don’t even compete directly with them. Why not ask them to setup a test at their expense?Languy99 6/24/2010 2:45:07 PM
What part of Comodo detects you application? The AV, Defense +? What? If it’s D+, in 4.1 you now have the option of running the application in sandbox if it asks for full control of the computer. Because if you give it full control, anything the application does including downloading and running malware will be allowed. There has to be a way to run it without messing with comodo’s settings.BluePoint Security 6/24/2010 12:03:53 PM
You have to choose between two different types of security systems for your home to prevent criminals from entering; A.) A system that relies upon a list of known convicted criminals (definitions) and looks at bad human behavior (heuristics) OR B.) A system that only allows known trusted individuals to enter (our system). Which one would you choose? Which one makes more sense? Which system would be capable of preventing individuals not yet known to be criminals and if they were not acting suspicious? Think about the lock & key system you use now, that’s our system. Think about leaving your door open 24/7, throwing out those that steal from you after your furniture is gone. That’s how our competitors systems operate.BluePoint Security 6/24/2010 11:53:38 AM
Tom, we don’t rely upon definitions to prevent malware, if we did, our results in the test above would be similar to our competitors who do. Also, we do not add malware tested here before introducing it into the VM’s. It wouldn’t increase or decrease our effectiveness at blocking it, again, we don’t prevent malware based upon signatures/definitions or heuristics. We know those technologies are flawed, see test results above.BluePoint Security 6/24/2010 11:50:31 AM
As has been pointed out earlier, Commodo blocks our malware downloader which we would have to manually allow, surely everyone will cry foul on the test any way it’s performed. Look at it this way, you can write down the way our product works on paper and you should come to the conclusion (if you understand the product), that it will block nearly 100% of the malware your throw at it, newly released or 10 years old. Stop testing brand names, start testing the way these products work and their way of preventing malware and you’ll be led to products that are extremely effective prevention wise. " For consumers and enterprises, buying the brand that takes out the largest ad space doesn’t necessarily equate to better security" - Rick Moy - NSS LabsBluePoint Security 6/24/2010 11:45:23 AM
We’re not avoiding Commodo, we know Commodo would do well in a test like this. Comodo’s prevention methodology actually makes sense, very few AV product’s methodologies make sense even on paper. Blacklisting? Remain off the list, your done. Heuristics? Make sure your behavior doesn’t look “suspicious”, your done. Frankly, I can’t believe people are still using products with technologies that we know for a fact do not work. Read the news! There are incidents almost daily with AV missing threats. The move away from these products should have been a logical conclusion years ago.BluePoint Security 6/24/2010 11:11:50 AM
We’ve explained why we haven’t tested Commodo, scroll down pleaselanguy99 6/23/2010 7:34:33 PM
Why do you keep avoiding testing comodo? People have been asking for months but you keep putting it off.
