Why do you get surprised when running Default Allow posture?

You run Default Allow security posture, then you get surprised when you get infection.
why?

well, bcause I can? … :stuck_out_tongue:

long live cis… so I can allow everything and everything gets blocked, sandboxed, quarentened… etc.

ok, not allow… but click everything, everywhere… (almost everything)

You are right Melih :slight_smile:
I was wondering why Comodo don’t make a security product without AV. All you need is the Auto-sandbox with Viruscope, maybe the firewall to check who is connecting who.
Like this you don’t need to update the virus definitions (locally or on cloud) and you could offer Valkyrie as a on-demand feature only (if an unknown program gets sandboxed, the user can choose to upload it to Valkyrie to have a verdict. You could also set, in the free version, a max number of submissions per day so that Valkyrie servers don’t get overloaded)

its called CCAV :wink:

Not really, CCAV does have an AV :slight_smile:
It’s more like CFW with D+ but without the cloud lookup, which actually is a kind of antivirus

Right now, I am using a default allow antivirus to test it. I am not swimming into malwares or adwares.
I know how to surf, how to buy things on internet, how to install softwares, etc.

So I see no infections even without Default Deny.

My novice customers&friends need Default Deny. Because they do not know how to surf, how to buy things on internet, how to install softwares, etc.
But I cannot recommend Default Dent to them. They couldn’t use it whatever I tried. I do not know why and they always complain about Comodo after 2-3 days of usage. There is a problem that I cannot explain or you (Comodo) cannot understand

So I am trying to find best Default Allow antivirus or security suite. Sorry Default Deny :-\

Why?

They are feeling un-comfortable with Default Deny. I know Default Deny an give me %99,9 protection.
I think, CIS or CCAV are not suitable for novice users. This is what I experience and think.

what expect of it is not suitable for novice users?

They cannot manage the unknowns that sit on the “Unrecognized Files List” (talking about CIS)
They have to manually report them to whitelist. But they just want protection with less action.

Lets say I offered CIS today to my friends. They cannot install CIS on their Windows 10 PCs.
Because of Comodo’s devs did not care of this problem at its time.

CCAV is not ready to go (Valkyrie is not ready) and the CCAV offers Yandex (adware-like behavior) just like “its a must need compnent of CCAV” I reported it as wish to “stop this behavior”

and users cannot get answers on forum from Comodo. I do not want anwers from Mods, they are also users like me and others.

I also offered your browsers before… but now they are also not good…!
Do you want to see?
https://forums.comodo.com/news-announcements-feedback-cd/comodo-dragon-v52152566-is-now-available-for-download-t116600.0.html

The problem with default deny is that when a process is denied and some application breaks the user has to know whether the process should be allowed or not. Even those of us who know what we’re doing (more or less) sometimes have to check, your average non-technical user will simply turn default deny off because it ‘gets in the way’.

You simply can’t have ‘default deny’ and ‘ease of operation’ in the same sentence (or product). This is why I only recommend CIS to friends and colleagues who know what they’re doing.

+1 :-TU

I agree with this opinion

Hi Guys,
In my opinion default allow will undoubtedly always result in more infected systems than what default deny will.
A program or application broken is better than having an infected broken system, for novice or experienced users.
Technical experienced users were all novices at some point in time.
Novice users are not brain dead, you don’t have to be experienced to use common sense. :wink:

Kind regards.

I am still waiting for answers from Melih (for my above post) ?

and

Novice users do not know much about these things. This is why they are called “novice-recruit” users.
CIS’s signatures are not good at the detection of malwares (even known ones) I am talking this with my real-time experience. Don’t show me the AV-Test result, I do not believe any of those companies. They are making money from vendors back.
Average Joes need detection…they prefere detection to prevention. Best protection is great detection and then prevention.
I know the power of prevention but many of us still need detections for the holy “usabilty”…

I can manage my PC with only Comodo Firewall without AV component. AV is not needed for me. I can control Sandbox with the whitelist. But I am also tired from “submitting each file for whitelisting”…it is not automated in CIS & CFW…

Why does anyone have to “manage” what sits in the “unrecognized list”?

Hi yigido,
Protection is more important than simple usability, this goes for novice or experienced users and probably even more so for novices who will struggle to repair an infected system.
Heck novices running default allow might not even know their system is infected or that their data is being stolen.

I would personally find it irresponsible for myself to recommend to anyone anything other than default deny.
As I said previously, a broken program is way better than a broken system.

CIS can be installed on a huge number of Windows 10 systems with no issues, it is only those that have done clean installations of 1607 with UEFI secure boot enabled that cannot.
Yes I agree this does need to fixed sooner rather than later.
I also agree real world testing is the only testing worth mentioning.

Kind regards.

+1

Don’t you want to investigate “they are good or bad”… What if they are good but unknown to Comodo?
Believe me Melih, If I do not report them to Comodo… they will stay unknown forever!!

What about other problems that I mention on that post?? Please…

Thank captain, thank you for supporting me on some points :slight_smile:

But you said " a broken program is way better than a broken system."
I agree but what if that program is good…? I know we cannot risk to run that unknown on our system… but the whitelisting is so important while using Default Deny… Comodo cannot does this automaically…There is a auto-sandbox but there is no auto-whitelisting processes. Thats hard to manage…
And Comodo’s default deny is not suitable for infected systems…I prefer to install Comodo on a clean system. If a machine is infected I want to clean it with other tools that have better detections… I still want detection from Comodo, this is what Comodo do not care much because the holy preventioner sandbox.