From Scot’s Newsletter
Windows Software Firewalls Evaluation Rolls On
For about a year now I've been researching software firewalls for Windows. There are at least five previous installments in this series, and several early contenders have been dropped from my prospect list, which has been winnowed down to one or two products in beta. (For links to previous installments in this series, see the end of this article.)
I stopped short of naming Comodo Free Firewall 2.4 the Best Software Firewall of 2007 in the last issue of the newsletter because several SFNL readers reported issues they're having with Comodo. I asked readers last time to send me their experiences with Comodo, and thank you, many of you did just that.
The results of that little exercise were interesting. Many people are having no issues with Comodo's 2.4 firewall. That included me at my last writing on this subject. Since then, I have had some of the problems others describe on one of the now five Comodo installations I've been testing. Not the worst of the problems, mind you. But at least I'm no longer totally in the dark. And I've also worked with two or three SFNL readers to the point that I'm satisfied that their reconfiguration of the product isn't causing the symptoms they're having.
There are three different problems with Comodo 2.4 reported by sufficient numbers of readers (also posted elsewhere on the Internet) to make me think they are actual bugs:
1. Comodo forgets user inputs in user permission pop-up boxes. Comodo offers a "remember this" check box, but checking the box doesn't appear to work.
2. Comodo throws off a blizzard of user-permission pop-ups — so many pop-ups that most users don't even last 24 hours before uninstalling Comodo.
3. User's system slows down dramatically after install.
The only problem I've seen personally is the first one, and only very recently. I was able to make the second problem occur by making a settings change to Comodo away from the default setting. If you're seeing a blizzard of Comodo pop-ups, try making this change:
Click the Security button along the top of the Comodo program. Then click Advanced on the left. Then click Miscellaneous on the bottom. A dialog box will open. Set the Alert Frequency Level to Low. That's the default setting.
A large percentage of the people who've written to me to complain about Comodo 2.4 will see significant improvement of the user experience with this step. About the first problem, though, the only suggestion I can make is to uninstall and reinstall the product.
At the end of July, I interviewed Comodo's president and CEO, Melih Abdulhayoglu, and senior research scientist Egemen Tas. This is a pretty rare thing, but they readily admitted that some Comodo 2.4 users are experiencing the first two problems described above. Instead of trying to fix version 2.4, they said that version 3 (under development now and currently projected to be released in October) has been entirely rearchitected so that these problems won't reoccur.
The strategy Comodo is employing for version 3 to block malware is different from any other product I'm aware of. Comodo 3 adds a host-intrusion prevention system (HIPS). If you've ever tried a HIPS, you probably know that on the desktop, such a system would probably add pop-ups and warnings. To make it easier to work with, Comodo is adding two features — whitelist and program profiling — that when combined should eliminate many pop-ups and warnings. Comodo 3 will be able to online updated with new information to support these features, and presumably users will be able to add their own intelligence about accepted program behaviors.
I'm not 100% convinced about this strategy, but I've decided to look at version 3 before I come to a decision. An early look at the first beta of Comodo 3 shows that the program has been heavily upgraded. But since the whitelist and profiling features haven't been added yet, the product is all but unusable.
Meanwhile, Eset recently released Eset Smart Security Beta 2, which combines Nod32 with a new lightweight software firewall and an anti-spam tool. Beta 2 adds direct support for Outlook Express, in addition to Outlook. I have not had a chance to test Beta 2, but this suite — which did not do well in my leak testing of an earlier beta — is still a possible contender for me.
http://www.scotsnewsletter.com/93.htm#swfw