It’s a problem that only COMODO has, no other AV vendor using whitelist (almost all of them) have this kind of issues, so there is something completely wrong in the whitelisting process or they are doing it on purpose.
Thanks for agree with me on this. (since you are comparing a one time thing in Kaspersky with the normal mode of operation of COMODO)
“You recall once when Kaspersky…” but every week there are dozens of malware that are whitelisted that are found and reported, plus some other of dozens that are whitelisted but nobody reports them.
But as usual the attitude by comodo mods and stuff is that they don’t do any mistake and comodo is perfect.
I mean there is something more important than this for Comodo right now?
In this same thread you have to samples of 2 mods using 2 tactics, like “others also has the same problem and nothing is perfect…”
This is the attitude that I’m criticizing. While the attitude/answer should be:
“yes, obviously we have a problem here, we are going to share this concerns with the dev team, because probably something can be done to improve the whitelisting process, and we don’t think that this volumes of malware in the whitelist are acceptable at all.”
You are wrong (I hope), the whitelisting is based on certs mostly, and is done manually.
Doing whitelisting based on an AV, behaviour, whatever… is like shoot in your own foot, and no other AV vendor does this.
Sorry but you are wrong, KSN does not whitelist anything its a reputation cloud http://support.kaspersky.com/7269# so if a malware gets a good raring in KSN that doesn’t mean that kaspersky allow the file automatically to access to INTERNET and modify anything in the computer like happens in COMODO
Thanks for confirming that Comodo does the whitelisting automatically it’s a pioneer in the industry and this explains perfectly the issues that I pointed out. Like I said shooting in their own foot.
If they assume that a file can be whitelisted based on the outcome of a AV cloud scanner with N engines or whatever artificial intelligence… they are assuming that the detect the 100% of malware, which normally it’s a 95% according to the test, so there is a 5% of potential malware in CIS whitelist.
I must say that I do not like that Comodo automatically whitelist files, perhaps we should have an option in CIS to not accept whitelist updates that have been automatically generated, so only whitelist updates from manually testing will be implemented?
I think automatic whitelisting is possibly acceptable, but that certainly something like this is required to balance out the danger.
Currently it seems that the only thing trying to balance this is manual user submission via the forum. I do hope that Comodo has some additional measures after the automatic whitelisting, but it appears that whatever they are, they are not potent enough.
In my opinion, something else is needed in order to counter this (albeit small risk) of the current whitelisting process. Although I’ve never heard of a very dangers piece of malware being whitelisted, I have heard of adware being whitelisted.
Few if not many criticised CIS Whitelisting in the past… But it’s almost impossible not to white-list some malware. Plus Comodo is the only full DD system on the AV market today so you can’t really compare it to anything else. Automated system or not… Humans make errors as well…
At the end of the day… It’s rare but it can happen…
It’s up to Comodo to tell… yes right we will wait 4 years more to see if they tell something. Until now Comodo is silent about this topic.
The procedure to make a Vendor a Trusted Vendor is done by an analyst. For other tasks automated processes play a role.
Other than that I agree with Dennis. Your concern is shrouded in a toxic and inflammatory tone.
Toxic? well if you see normal to find every week several malware files trusted… and what is worst is the malware in the TVL that isn’t found, and what is even worst is Comodo devs/staff being silent about this issue.
A normal person would say that the TVL is “toxic”…
PD: just in case, I don’t consider the forum moderators comodo staff