I can't provide verification of that, and I don't know if the other affected firewalls are also pointing the finger at some change and/or limitation in Windows 7. Normally CIS should have blocked the loppback area connection to the proxy however because of the limitations in Windows 7, it fails.". the lowest layer of the protection, it sees the actual connection i.e. For all I know, the changes made in avast7 (which exacerbate this issue) were actually wise changes from a WebShield implementation point of view.Īccording to a Comodo developer named egemen (see msg592815#msg592815) "Because CIS operates at NDIS layer i.e. I'm inclined to think and assume, until I see evidence to the contrary, that avast is for example using published OS APIs in an appropriate manner to provide legitimate WebShield type behavior and although this causes certain problems for certain firewalls it is not yet proven to be wrong design or implementation.
I am willing to acknowledge that aspect but before asserting that avast has stepped over some line and done something that they must or should fix, I'd like to see some evidence that what they are doing is "wrong" from some other point of view. Why would one answer NO to that but YES to the subject of this thread? One answer comes to mind and that is in the example just above the adverse interference is (or should be) expected by and desirable to the user who installed the AffectorSoftware. Is SoftwareFirewall "at fault" in the sense that it *must or should be fixed* to never block ApplicationProgram? I think everyone including you would answer NO and agree that there is no one that needs to fix anything.
Lets assume that both programs are bug free and for example there isn't a bug in SoftwareFirewall where it continues to block this application even when there is an allow rule for ApplicationProgram. I would consider the fact that AffectorSoftware in some way adversely impacts AffectedSoftware, but I would consider the legitimacy of what it is that AffectorSoftware is doing.Įxample: The installation of SoftwareFirewall breaks the operation of ApplicationProgram that must communicate with a remote host in order to function correctly. I would next try to assess things from a "liability" point of view.
When doing this I would try to look at each piece of software in isolation (disregard the interference issue) and focus on whether there is a bug or inherent shortcoming of some sort. I would first try to assess things from a "technical correctness" point of view. In keeping with this:ġ) A defect or imperfection flaw failing error or mistakeĢ) Responsibility for failure or a wrongful act a misdeed or transgression Since there could be other software programs that establish a local proxy in way similar to that used by avast and perhaps even other firewall/OS combinations that have shortcomings, I thought I'd post this.Ĭlick to expand.I would want to know more about how and why the installation of your software interfered with WMP before commenting on whose fault it is. It appears that some firewalls may not have enough visibility or control over things to cope with that local proxying.
Avast hooks the networking stack to put its Web Shield in the position of a local proxy so that it can inspect and block traffic on some web related ports. I think this a case of avast manifesting a pre-existing shortcoming in the way certain firewalls selectively block traffic on some operating systems such Windows 7. Based on my casual wanderings and readings (which have included the Comodo forum thread ) I believe the problem scenarios discovered thus far are:Ī post from yesterday suggests there may be at least one more: In case anyone isn't familiar with recent events, some people discovered that the installation of avast 7 interfered with the operation of their firewall and prevented their firewall from blocking traffic in the way they desired and expected.