The problem in the Buffer Overflow Prevention component can be used by exploits to infect systems via Buffer Overflow attack. Besides this, Buffer Overflow Protection was one of the most advertised CIS features by Comodo in the past.
Also the Firewall not monitoring other NDIS protocols besides TCP/IP (lack of raw packets filtering) since CIS version 6 and above can lead to data exfiltration. If Firewall filtered raw packets in CIS version 5 and older, then one would think that it should filter in newer versions too.
That is correct, Melih. I understand that. CIS is designed to prevent infection and it does it brilliantly. :-TU
However, protecting sensitive user’s data (eg from phishing attack) is also part of online security. Is comodo going to offer any solution to do this or is it going to specialize in protecting computer only?
Im running cis only and liking it as its very fast on my computer but reading this thread i want to ask,am i good using only cis or do i need something else with it?Me and my family do alot of online banking and shopping online on our computers?
IT security is all about data protection… why is that so difficult to understand ?
It makes no difference if a security soft prevents infection, but allows data to be stolen\transmitted.
Virtualization (containment) only protects the physical system from infection - it does not protect data.
Malware run inside the sandbox can access and steal data… unless all potentially stolen system data is placed inside Protected Data Folder(s). How is that possible when sensitive data is spread out all over the Windows file system ? A config nightmare.
The bottom line - and there is no arguing otherwise - CIS mainly only protects the physical system, but it offers comparatively little in the way of data protections.
You don’t achieve a high level of data security by only preventing a physical system infection…
Though they implemented WebShield. Its not updated for days-weeks. Just a showpiece in GUI.
Containment is good. But they should look to provide overall security. Data theft is increasing with each passing day & is one critical aspect that should be definitely covered by security software.