Why Comodo programmer's not develop heuristic for phishing sites ?

Protecting data vs Protecting computer are 2 different things.

CIS is designed to protect the computer from getting infected.

But do not you think limited this protection to a suite as the CIS ?

And why of the web filter presence in the CIS ?

i would like to focus the discussion…there are many names we are throwing around like web filtering etc…
there are 2 main things to protect

1)user’s computer from infection
2)user’s data from falling into wrong hands

CIS is designed to do 1.

That is correct, Melih. I understand that. CIS is designed to prevent infection and it does it brilliantly. :-TU

However, protecting sensitive user’s data (eg from phishing attack) is also part of online security. Is comodo going to offer any solution to do this or is it going to specialize in protecting computer only?

Therefore need to use an additional software to strengthen security.

Bitdefender Free offers optimum detection ( heuristics ) of phishing and malicious links from Facebook and Twitter and also against zero-day ( heuristics ) binaries.

Since CAV does not actively scan javascripts in browsers, how can CIS block this kind of malware?

Ever read about this kind of attack.

It is possible only in special rare conditions.

You’re talking Browsers now. Would this not be the domain of, say, Comodo Dragon? Not CIS

Im running cis only and liking it as its very fast on my computer but reading this thread i want to ask,am i good using only cis or do i need something else with it?Me and my family do alot of online banking and shopping online on our computers?

Please do not hijack this topic. Open a new one and we will be glad to answer your question.

Thanks.

Did not think i was hijacking the thread as the question was because of the posts inside this thread,sorry.You can delete if you like.

Look for this link:

http://www.amtso.org/check-desktop-phishing

This is a phishing page test and the heuristics of Bitdefender Free detect it:

Most attacks in Brazil are by phishing pages.

Hello devilbat66,

Thanks for your feedback.

Please kindly let me know the bug reports that you’re referring in your message below so that we will get action to solve them asap.

Kind Regards
Buket

https://forums.comodo.com/format-verified-issue-reports-cis/apps-that-can-send-lowlevel-packets-bypasses-firewall-without-notice-m1490-t110794.0.html

https://forums.comodo.com/format-verified-issue-reports-cis/cis-doesnt-prevent-buffer-overflow-attacksdetect-shellcode-injections-m1489-t111010.0.html

https://forums.comodo.com/format-verified-issue-reports-cis/heur-cmdline-analysis-fails-when-cmdline-contains-multiple-commands-m1020-t104958.0.html

Thank you for taking this feedback into account.

IT security is all about data protection… why is that so difficult to understand ?

It makes no difference if a security soft prevents infection, but allows data to be stolen\transmitted.

Virtualization (containment) only protects the physical system from infection - it does not protect data.

Malware run inside the sandbox can access and steal data… unless all potentially stolen system data is placed inside Protected Data Folder(s). How is that possible when sensitive data is spread out all over the Windows file system ? A config nightmare.

The bottom line - and there is no arguing otherwise - CIS mainly only protects the physical system, but it offers comparatively little in the way of data protections.

You don’t achieve a high level of data security by only preventing a physical system infection…

Though they implemented WebShield. Its not updated for days-weeks. Just a showpiece in GUI.
Containment is good. But they should look to provide overall security. Data theft is increasing with each passing day & is one critical aspect that should be definitely covered by security software.

But Melih does not want !

THE END !!!

To offer Bitdefender Free to their friends and clients.

It detects with his powerful heuristic.

in majority of the scenarios data is stole via infection, hence preventing infection protects data.
But in a proper architecture one cannot claim it provides data protection by simply providing protection against infection as data could be stolen in many other ways. So we are being technical and honest about capabilities.

You would be misguiding users if you were to say other AV’s protect the data, as DLP (Data Loss Prevention) is a whole another category and I don’t see how another antivirus will stop an insider from encrypting and sending data on an email!

+1

Nothing will every protect you 100%, if you believe something is protecting you 100% you are very wrong.

It all boils down to common sense in the end.

Dennis

No

No AV can protect every potential data loss pathway - and I certainly don’t expect that from CIS nor any other AV. It’s absolutely unrealistic to expect any home-grade security soft to protect everything.

Melih is talking about internal data theft - which no AV can prevent.

I, on the other hand, am referring to data loss during virtual sessions.

Data loss is data loss - difficult problem - for security soft vendor, for company, for home user.

Until security soft can tell you - “Hey, your sensitive\personal data is in process of being stolen” - it is difficult challenge.

I just would like to see Comodo protect the browser better - afterall - that is the typically the primary route onto & into a system…

and also the primary mechanism for phishing.