Main Area and Open Discussion > General Software Discussion

Comodo Internet Security -- a cautionary tale?

<< < (6/8) > >>

ewemoa:
FWIW, I failed to find uBlock Origin via searching the chrome web store (though I read claims to the contrary in a few places) -- there was a link that worked mentioned in the following though:

  https://github.com/gorhill/uBlock/issues/50

Innuendo:
First, don't bother with any product that includes a firewall. There's really no good reason to use anything but the built-in Windows stuff... unless you're one of those paranoid enterprisey corporations, and then you'd run fascist outgoing firewalls at your internet edge, not individual machines.-f0dder (April 15, 2015, 01:19 PM)
--- End quote ---

Generally this is very good advice *except* for when one has a need to see what outgoing connections are being made with your machine. The built-in Windows firewall can block incoming connections with the best of them, but there's no mechanism to interactively allow and block outgoing connections. Most people don't need or even care about this functionality, though. For someone who is curious to see what programs they have installed are connecting to who-knows-where behind their back, leaving the Windows firewall behind is a must.

Second, I haven't seen any good reasons to use anything but MSE for anti-malware for several years.
--- End quote ---

Then, my good sir, I must respectfully believe that you have not been looking very hard. MSE has done horribly in independent testing for the last couple years, never scoring more than 60-65%. Most testing sites do not even take MSE seriously as an anti-malware solution and have stated they only include the results as a baseline. Microsoft themselves have stated that MSE has been moved to the back-burner a long time ago.

Running MSE is like driving a car without wearing a seatbelt. You'll feel secure until something bad happens.

There was a time when if anyone ever asked for a light AV solution, everybody chimed in and said Eset NOD32. End of thread. Sadly, those days are far behind us.

mwb1100:
To throw in my 2 cents:

I wasn't happy with MSE - my wife's machine ended up with some difficult to remove garbage while using it.

We have been using Webroot for about a year now, and I've been happy with it.  I tested it against some of the installers that infected my wife's machine, and it performed admirably.  I did have some small bit of trouble with it blocking copy/paste between programs that I wanted to copy/paste between (it has some sort of module to prevent programs from stealing credit card numbers using the clipboard or something).  It was easy enough to configure the program to stop blocking those operations but it was a pain understanding what was going on since it just seemed like the clipboard was broken, and I had no idea it was Webroot.

f0dder:
Generally this is very good advice *except* for when one has a need to see what outgoing connections are being made with your machine. The built-in Windows firewall can block incoming connections with the best of them, but there's no mechanism to interactively allow and block outgoing connections. Most people don't need or even care about this functionality, though.-Innuendo (April 18, 2015, 10:52 AM)
--- End quote ---
Indeed, and I haven't seen any good reason for wanting that functionality. If you're paranoid, the built-in firewall can be toggled to whitelisting mode. If you need only specific applications blocked, you can blacklist those. If you're worried about malware, well, they can just exfiltrate data through an allowed process. If you're worried/curious about new software, you should be running that in a VM along with Wireshark. I really can't find a good usecase for 3rd party firewalls - they're too confusing for Regular Joe, and they don't add anything really worthwhile for the advanced user, IMHO... just noise.

Then, my good sir, I must respectfully believe that you have not been looking very hard. MSE has done horribly in independent testing for the last couple years, never scoring more than 60-65%. Most testing sites do not even take MSE seriously as an anti-malware solution and have stated they only include the results as a baseline. Microsoft themselves have stated that MSE has been moved to the back-burner a long time ago.-Innuendo (April 18, 2015, 10:52 AM)
--- End quote ---
Have those independent test become reputable? The last time I took a look at a couple of them, the way scores were weighed was very, very suspicious and had me pondering whether it was completely independent of cash from the AV vendors. Haven't bothered to look at them for a while, but if you have a recent link to something reputable, please entertain me :) - a link to MS stating MSE has been put on the backburner would also be nice. (I don't necessarily see that as a problem, anyway - there's no need for a whole lot of new features, as long as signatures are kept up to date).

Innuendo:
Some independent sites are very reputable. However, it does all boil down to trust. What one person trusts may not be what another finds to be trust-worthy. I tend to put my faith in what AV Comparitives puts out. They take their time with their testing and while they do make money from selling comprehensive reports of their testing, they always make a basic reporting of their results free. They've been around a long time and if there were any funny business going on I would think someone would have flushed it out by now. Not only that, if they were all about the money, they'd probably be cranking out new reports for purchase monthly rather than just a few times a year.

I went on a search looking for the article I had read way back when & it's nowhere to be found (the original URL now redirects to a web page for a 2015 review of MSE...not helpful!), but thankfully I never give up and the Wayback Machine had what I needed. Here's a Wayback link to an article discussing an interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center:

Link

Here are also two articles from trusted web sites analyzing the first article  ;D  :

Lifehacker

HowToGeek

Microsoft is basically concentrating on what it considers to be the most serious threats. They still have a team of people working on understanding new threats, but they are passing that information to other vendors. MSE is now considered to be a baseline & Stewart stated that if every other AV solution is better than MSE, then they are doing their jobs right.

Navigation

[0] Message Index

[#] Next page

[*] Previous page