Main Area and Open Discussion > General Software Discussion
Comodo Internet Security -- a cautionary tale?
oblivion:
This isn't really a cry for help as a story detailing some of my experiences that others may find useful. I posted a version of this on Gizmo's (as I used their security expertise for one of the relevant decisions I made here) but it's a bit in the grey area for them because it's not just freeware I discuss.
I have a Win7SE netbook. It's about five years old now -- an Asus Eee -- and despite the small limitations of having Starter Edition instead of one of the more <cough> expensive versions of Win 7, it's been pretty good and very reliable.
Naturally, being something I carry around with me quite a bit, security's a greater concern than it might be if it was always sitting at home behind my router. It's had various AV packages, paid and free, on it over the years: when I first got it, I used Microsoft Security Essentials, then I discovered that MSE was tying rocks round the ankles of FindAndRunRobot so I extended my desktop's eSet NOD32 license to include it, then after I decided eSet weren't quite the company they used to be, I went to TechSupportAlert's security page looking for the current top two or three picks and, after some thought, went with the free version of Comodo Internet Security.
I've been using it for about a year. It was noisy for a while, as it learnt about its environment, but my main observation of it was that it was a bit demanding for my taste, at update time, in particular: the download of updated signatures takes what it takes but the time to apply them and the CPU usage while it does it (bearing in mind this is an Intel Atom 1.6GHz machine, not exactly a powerhouse) is enough to make me sigh and go and do something else for a while.
There are also occasional onscreen notifications that almost count as advertising. They're not too big of a deal, not frequent, but I'm often slightly grumpy about such things... however, a week or so back, one of these notifications offered me a full license for a year for $5. That's cheap enough that it hardly matters, I thought, and maybe it'll get me a bit more performance and a package that sits quietly in the background more. So I went for it.
I shouldn't have.
First, although it accepted my swiftly-emailed license key, it instantly started reporting problems. With the help of Comodo's support, the (huge!) offline installer for the current product was downloaded, the existing installation uninstalled and reinstalled from the download, configured and installed and everything looked fine again.
Except that I was now using their firewall rather than Windows. It is definitely easier to configure, it looks capable, it's nice and informative, but the performance hit the system has taken since the full Comodo Security Suite was installed and enabled has been noticeable.
This morning, I decided to switch off the Comodo firewall component and go back to Windows firewall.
The product started complaining loudly that I'm at risk, and I can't find a way to tell it to ignore the firewall's "off" status and just focus on the status of the AV engine. Performance instantly improved, at least to pre-upgrade levels, but at the cost of an "at risk" warning in my system tray that, effectively, is a false positive I can't do anything about.
So I chose to remove it all, lock, stock and barrel, and go back to MSE. I might try Comodo on my desktop machine -- Win 8.1 with a much faster dual core cpu -- just so my $5 doesn't go entirely to waste, but I'm not sure right now that I want to...
I've never been completely happy with any sort of software suites: I'd rather choose components that fit my needs rather than hoping that (as in this case) the other bits that get bundled with my antivirus of choice were also fit for purpose. I get the concept of integration, I'm just not sure it ever really delivers on its promises... ;)
My desktop PC is currently "only" protected with Windows' inbuilt security: the firewall and Defender. From what I think I know about Windows 8.1 and the inbuilt security stuff, coupled with the fact that I try to practice what I preach on the subject of sensible web browsing (and I use OpenDNS with their more sensible levels of security chosen and locked into my router) I'm probably okay, and $5 isn't much to lose (to the extent that if I ask for a refund I'll probably just add it to my DC donation for this year!) but I COULD try it on the desktop box...
Anyone got an useful $.02 to chip in?
(This won't be the first time I've wasted cash on security software: I bought a lifetime license for Vipre a while back that was sufficient of a learning experience that I didn't even bother documenting it above :) )
MilesAhead:
I'm with you on the suites. I'm not big on AV usage. It seems like every time I try one i can feel either the performance or stability decrease. In any case I noticed 360 Total Security for free. It seemed well thought out. I tried it and had no complaints for a few days. Then stuff started to get weird. In the end I took it off.
It seems as far as AV stuff is concerned, I can use scanners. But as soon as I try something of the Real Time Shield variety, it doesn't run smoothly. I keep image backups and do scans.
Even those browsers that have the AV built in don't want to work well for me. I don't know what it is but it seems like running with any kind of protection as the default setup just won't work for me.
Plus it seems to me like the AV publishers are the worst for providing uninstallers that don't remove everything they should. I get the feeling the salesman should have a black shirt and white tie with racing tout hat and be telling me "well you know it's really risky to run without protection. Yeah those street punks just might come by and bust up the place if you don't buy protection from us."
I never found an AV shield I ever liked.
Ath:
I have been using Avast Free for the last couple of years on all my systems, and I'm quite happy with that. Combined with the built-in Windows firewall, and a spam-filter on the systems fetching e-mail, I'm quite confident about security.
I can't compare with Comodo, as I've never installed it, ever, but compared to the, once trusty and lightweight, AVG free, the impact on performance from Avast is barely noticable. Though all the systems involved have at least a core-2 Intel cpu...
That's my :two:
Shades:
An AV solution without real time shield is the open source 'ClamWin'. There are options to add real time scanning to it, if you want it. Because of its limited feature set it isn't represented in a lot of (neutral) AV comparison tests.
Here is one though. User satisfaction is on par with AVG users. The link also provides insights into what ClamWin does and doesn't do. This way you can decide if ClamWin is your cup of tea or not.
MilesAhead:
I've tried ClamWin a few times. Especially for me it's not good because it only seems to turn up false positives for ahk and autoit3 programs. When my new hosting provider started taking files off my download page citing virus reports I went to the page they used for scanning. 4 of my zi files got bad reports on 2 out of 57 av scanners. ClamWin was one of the two in all cases.
The whole approach seems like lock the barn door after the barn has burned down. When I do Windows support on forums if someone is getting something really weird it seems a very high percentage of the time it goes away if they turn the av off. They are just petrified to run without it though. I tell them disable internet while you do the test so you cannot get infected etc..
To me it's a cure worse thn the disease in the majority of cases. It's like giving someone malaria to cure acne.
Navigation
[0] Message Index
[#] Next page
Go to full version