matousec 11月测试的排名 Fixed（毛豆排第二）

heartao

2008-11-29


2008-12-1


2008-12-01 (Comodo Internet Security scored 90% and took 2nd place): Thank you for testing our product. We are happy to report that the bug identified during your tests is fixed. Egemen TAS,
Sr. Research Scientist,
COMODO



何解？comodo花钱买名声？
对照2次PDF，发现由failed  转为 passed的有如下项目 kill1, kill2, kill3b, SSS2, kill3e, SSS3, kill5。
大家可以参看http://bbs.kafan.cn/thread-378425-1-1.html 30号官方在29日测试后做出的回应，上述除了kill 1, kill2外，其他几个经comodo官方测核实为 M测试人员错误（432版可以通过的），所以这次修改某种程度上来说为测试方纠正自己的问题，并非comodo迅速“堵漏”，然后拿updated version和人家旧版本比。

这是测试方的声明：
“We have received a suggestionfrom Comodo Security Solutions, Inc., the vendor of Comodo InternetSecurity, on how to improve the configuration of their product in orderto pass more tests. The suggested change included switching ComodoInternet Security configuration to "COMODO - Proactive Security", whichcan be done via the product's tray icon. Since our rules say that thetests are performed aginst the highest usable security configuration,we retested Comodo Internet Security 3.5.55810.432 and corrected itsresults. Its new score is 90%, which is much better score thanpreviously published incorrect value of 84%. We apologize to Comodo andall our visitors for this mistake.”
其中Kill3f未通过的原因，是cassurf会被终结......众所周知后者是干嘛的：buffer overflow, 本次测试中有这项吗？被终结会影响antileak的结果吗？但是它被认定为CIS的组件，一样扣分...不装这个组件而用CMF代替的用户肯定分数更高
这也说明comodo的官方确实很认真的验证了测试，审视发现自己的不足。如果别的产品核实后，发现自己的测试也有误，我相信FWC测试小组一定也会更正的。

[ 本帖最后由 heartao 于 2008-12-1 20:22 编辑 ]

heartao

以上转自防火墙区~~

xiajing10000

明白~~！

爱卡巴888

测试的人有病，一天一个结果，都不知道用哪个好

Magis

lz转帖好歹也写明作者啊，我也算半个原创吧~~ 连表情都照搬....
使用产品看个人喜好了，不一定要跟着测试来。再说这个测试各产品采用的是能实行的默认最高安全设置。我们都知道毛豆经过个人设置后会更强大。以下是测试方对测试环境的解释：
” We define the highest security settings as settings that the user is able to set without advanced knowledge of the operating system. This means that the user, with the skills and knowledge we assume, is able to go through all forms of the graphic user interface of the product and enable or disable or choose among several therein given options, but is not able to think out names of devices, directories, files, registry entries etc. to add to some table of protected objects manually.“

[ 本帖最后由 magiscoldeye 于 2008-12-1 21:26 编辑 ]

distance0

原帖由 magiscoldeye 于 2008-12-1 21:24 发表
” We define the highest security settings as settings that the user is able to set without advanced knowledge of the operating system. This means that the user, with the skills and knowledge we assume, is able to go through all forms of the graphic user interface of the product and enable or disable or choose among several therein given options, but is not able to think out names of devices, directories, files, registry entries etc. to add to some table of protected objects manually.“

应该是说这个\Device\Afd\EndPoint，我试了，加上一些连网程序确实会多弹出，我相信comodo官方说的，没有必要保护这个。

Magis

这是Matousec测试小组关于测试条件的解释。这个\Device\Afd\EndPoint到底是什么？我拦截过N次了（全盘监控貌似必拦），每次都小心的放行..
话说零距离每天很晚才上啊

会员价

偶爱毛豆

ls的强大了~

223311

不要老被排名左右了。这次排第二用它了，下次排第三就卸它啦？

distance0

看解释说是嗅探网络连接的，启动迅雷会弹出，不允许就连不上网，comodo辩称把这个加入保护就能过那项测试，但按上面的说明，这需要advanced knowledge，所以并不被认可。
呵呵，也不算晚。