What I think of CIS today

I think the free version offers a great deal of options for being a free alternative. I would expect Virtual Kiosk to be part of the paid alternative but it’s part of the free and I appreciate that. Although Virtual Kiosk doesn’t seem to work yet, I hope it will in the near future.

I have a few wishes for CIS.

  1. Ability to configure absolutely everything in CIS from the command line, in a very throughout tested command line tool. Perferably password protected. This will make us command line gurus very happy.

  2. If Commodo want to succeed, then trust me and listen to me. During the installation process, make an offer to the user whether or not he/she wants to install a minimal graphics user interface. This minimal user interface must be lightning fast, and I do mean lightning fast, highly optimized for speed. This is for those of us who don’t care about shiny GUI’s. And if some old granny’s out there still want the shiny GUI, make that option the default recommended option.

2a: You can optimize firewall throughput by creating very good templates for global rules, and assumed templates for application rules. Once you can assume what rules fits 90% of the population, you can also avoid general programming logic and optimize for that particular rule-template. If the user creates a customized rule, it will then force Comodo to avoid that specific optimization, so users will most likely want to use a template. Templates allow comodo to optimize firewall logic internally by smart algorithms. Please consider this: Optimization by templates. If you don’t understand what I mean, then consider this: A user selects a template called “General Global Rules”, this template contains general global rules that fits most users in the world. Now the the comodo programming teams knows how this template is put together so they can choose different smart algorithms to optimize for that particular set of global rules, which again makes firewall throughput more efficient. The user can’t customize their own rules when using a template, because that would force CIS to stop using customized optimization algorithms. Templates should be made only because the composition of rules allows for a specific kind of optimization internally, if it does not then templates isn’t needed. So templates should only be made if it allows special optimizations internally.

  1. Software speed is highly underestimated these days, don’t do that, don’t underestimate it. I’ve worked with software optimization for over 20 years now myself, today I make my own programs pretty much always faster than other competitors out there, they are just lightning fast and the quality of fast programs is not understood fully until you try one. You don’t usually know what you’re missing until you actually run a speedy program. It is an forgotten art. Please Comodo, if you want to make CIS an absolute choice, absolutely interesting, focus more on having CIS run faster, focus on optimization. If you think it is not worth optimizing you’re dead wrong. If you do, it is going to make CIS even more popular, highly popular.

  2. I want an ability to switch configuration based on time of day, automatically. A comodo schedule system internally. Maybe even allow unix timestamps inside firewall rules, would probably be interesting too, but at least the ability to switch firewall configuration files based on a time schedule.

  3. Ability to switch configuration files if screensaver activates. (Would you believe me that 90% of the time a computer is vounerable is when the screensaver is active, and guess what… You don’t need to have the default configuration active when the screen saver is active, so why not allow it to automatically switch when screensaver activates)

  4. Ability to click the help button and get help offline instead of opening the web browser to fetch information, just in case I just reinstalled the OS and don’t want to connect to the internet yet and I am setting up CIS.

  5. Rename the “Do NOT show popup alerts” and Allow requests/Block requests… rename the drop down strings to “Silently allow requests/Silently block requests” because it is dangerous naming from Comodo and might confuse the user into thinking it will only show/hide alerts for requests, but instead it performs a request. Dangerous naming from Comodo.

  6. CIS offers antikeylogging features through it’s monitoring of the keyboard. But it doesn’t seem to monitor the User32 API call GetAsyncKeyState, this API call can log any key press in the system and I don’t know why CIS doesn’t monitor it. It’s a big question to me. The vault is open and I don’t understand why, you can just walk right in and grab all the money you want.

  7. I’m going to share a secret with the Comodo team. The general way of protecting a piece of software is to hide the functionality of the program to the user as much as possible. Preventing the user from learning how it works, how it is put together, its relationship with the OS etc. This is a wrong way to do things. The program should do quite the opposite, it should be as organized, as understandeable as possible. The user should not just understand the interface, he should also understand how the program is put together, how the different DLL’s work, use good naming for them, he should understand as much technical info as he can possibly get. I strongly believe that when users understand the technical about a program, it will become more secure, it does not work the other way around. When the user doesn’t understand the technical info about a program, the program becomes less secure. Trust me on this one. Make CIS technically obvious to the user so he understand how CIS works on his computer.

Most of all, if you want to further succeed with your product, please take my words seriously about creating a minimalistic GUI that is designed and optimized for speed, so the user can choose to install with an absolute minimalistic GUI if he wants to. When you create this minimalistic GUI, it should focus 100% on getting rid of anything the eye don’t need, it should be obsessed with speed.

Thanks for listening.