We have in excess of 15 million installed base of our CFP/CIS. The profile of these users are advanced users who like power and control of their system and don’t want stuff happening on their PCs without their knowledge. System administrators are within this group as well.
Now, as we make CIS more user friendly and enabling threatcast, the average users will benefit from the feedback on alerts that this experienced and advanced user base provides. This is a very unique position with the scale of user base and progress of CIS into everyday users. This is why Threatcast will work. Of course Comodo will be putting people on validating more popular alerts and migrate these alerts to either safe or blacklist too.
But what if some advanced users blocked a trusted/ok app according to their own preferences, so an average user decided to block the app too. But that average user is blocking an action of the app that the user needs, while the advanced user doesn’t.
I think there has to be pointed a quality control group, the group has to have knowledge about a wide range of applications and has to have the ability to analyse application behavior… this way, the quality and the quantity can be more guaranteed…
yes, threathcast is based on the thinking that the intelligence of the mass is more powerful than the intelligence of 1 person… this is a known theory and many people acknowledge this theory… it sounds very logical, still I have my doubts in some cases… (:WIN)
“in silence, without notification. Simply to check: with TC enabled, D+ in “CleanPC M, SM or PM”, when a new app is launched you may get a pop-up, like always. But, NO MATTER what you answer to that, if the app is listed on DB, you will get that rule! And your choice/rule goes away, without any warn. Even if you explicity type some permissions OR denials, you will get what is in TC DB. For an example: if you set to “ask” for all items for Firefox (trainning), next time you go to see the rule you will see that it is ALL allowed!!! Angry
Oh God… The only way to do your own choose is to let TC disabled at all! This is too much agressive! You can’t have TC for what you want only, or for what you don’t recognize (as a “help” to configure CIS).
I think that this is dangerous, for browsers mostly.” Link
One question, is this supposed to happen in TC? Is this the only way to use it or are there different settings with TC (e.g. “give me rating, but don’t change rules”) -or does this depend on the D+ mode you’re running in?
Well… There is a flaw to this threatcast. A team of Psychopaths could easily override the allow vote and making average people confused and blocked without knowing it that it was safe. You can maybe use the Usuability people to vote Allow or Block first before you release this as final, but have a perfect RC final-like version that doesn’t have as much ThreatCast votes or statistics in them.
TC enabled should just give an option, as a “guide” for who doesn’t know what to choose.
Could say: “10 million users allowed this, do you accept allow this?” This is imperative to success.
:■■■■
I will NOT leave COMODO, no matter what. I really TRUST in COMODO.
I really did a serious comment, and I didn’t planned to hurt anyone. Sorry if I was rude, my bad. (just learning english - not my natural language)
edit:
I will try to make sense on my point:
D+ is in PM.
I did a rule by hand for svchost. Tested and working for now (re-started 3 times, used FF, sol.exe and some others app that I did before, no new rules created)
Then I want to access paint.exe never acessed before, so no rules for it yet.
I change from PM to Clean Mode to get the rules for paint.exe via TC.
paint.exe is fired now.
TC get the rule for paint.exe.
Get back to Paranoid Mode.
TC changed my pre-defined rules for svchost, not only for the interaction with paint.exe, but allowing everything else in a generic way, without asking or notifying.
TC shouldn’t modify a pre-defined rule without asking or notifying the user in a generic way.
If I wasn’t clear, let me know. I hope I can be helpful. 458 and 459 reacts the same for this.
Sorry, but I genuinely don’t understand why you would need to turn off Threatcast to test malware.
Threatcast won’t stop or allow anything, it will only offer an opinion as to what your next action should be and, even then, it will only appear as part of a D+ alert.
If the issue is slowing down the malware activity or blocking it, then D+ should be the issue, not Threatcast,or am I not getting something here?
First of all Threatcast should be an additional information for CIS users about how others answered to this kind of alert but not the main security considaration. That’s why I think that the Security Considerations tab should be always displayed first and not only if there is no Threatcast rating. ( Or at least add an option to Settings menu which would allow to set which tab should be displayed first when Threatcast is enabled).
Secondly, Theatcast shouldn’t send to database answers of users who didn’t choose ‘Remember my answer’ because most likely they Allowed/Blocked an application only for this session or for testing purposes.
Very funny reaction there, panic. LOL
Been a long time since I bursted out in laughter whilst reading a forum topic.
And all that on one page. Boy oh Boy, life can be great.
