Comodo continues to issue certificates to known Malware

Discussion in 'other security issues & news' started by hayc59, May 16, 2009.

Thread Status:
Not open for further replies.
  1. hayc59

    hayc59 Updates Team

    Joined:
    Oct 29, 2008
    Posts:
    2,087
    Location:
    R.I.P. Roger(roddy32)
    Forum: COU
    More Info: MSMVPS Blogs
     
  2. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
  3. hayc59

    hayc59 Updates Team

    Joined:
    Oct 29, 2008
    Posts:
    2,087
    Location:
    R.I.P. Roger(roddy32)
    sded, thanks for the additional info :thumb:
     
  4. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    All I can say is - yikes!
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    This 'CoreGuard' tool downloads an installer to the user, then proceeds a longer download, bringing all sorts of junk with it.

    With Shadow Defender on, tried to install, but having problems with wireless, so just quarantined the process.

    Just a note, once installed, very difficult to uninstall. Tries to connect and download itself again.

    1.jpg
    2.jpg
    3.jpg
    4.jpg

    Buy page:
    comodo.jpg
     
    Last edited: May 17, 2009
  6. ypestis

    ypestis Guest

    The sad thing is that during these hard economic times there will be companies go toe's up,
    not as a direct result of the economy,but rather as a result of a "Ends justify the mean's" business model, in response to the economy.
    Perhaps Comodo teeters on the brink of such a fate.
    So much for "building trust on line""
     
  7. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    "building trust on line"
    Between this thread and the ask.com fiasco, Comodo surely has lost mine.
    I would like to hear Comodo's side or excuse but I doubt if we will.
    That's a shame too because CIS worked so well on my system.
    I will find alternatives.
    Sometimes things aren't always free.
    There is a price to pay. :thumbd:
     
  8. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Just another reason I wont touch any software that has the Comodo name.
     
  9. 3xist

    3xist Guest


    Re: Comodo continues to issue certificates to known Malware.


    So... you got $15 in your pocket and a domain, then you can buy an SSL cert...
    buying ssl cert is very easy (unfortunately)...

    so any malware provider simply goes gets it...

    they can get it from Verisign, Godaddy, Comodo etc... so if you are a malware author and have a domain you can buy an SSL.

    Cheers,
    Josh
     
  10. 3xist

    3xist Guest

    That said thing is: endusers don't understand it, Including my self, Because they see a DV Certificate on a website and think it's legitimate. Geotrust removed validation process and named it DV... And ANYONE can then buy a DV. Then Comodo, etc were forced to do the same.

    Cheers,
    Josh
     
  11. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    maybe mr. sded will now remove all certification authorities from his browser? :rolleyes:
     
  12. 3xist

    3xist Guest

    It's an issue... This isn't first time either. DV should be banned, Validation process should be carefully re constructed by CA's.

    As for Rouges... Just... EWWWW... :)

    Cheers,
    Josh
     
  13. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    Does it really?
    Does Kaspersky, Online Armor, Avira, Outlook etc. do the same thing or is it just Comodo?
    This is what I'd like to find out.
     
  14. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    Considering how those companies you listed aren't in the certificate business at all, I doubt it.
     
  15. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Funny thing is,all the controversy comodo generates and we're supposed to believe everything is fine,especially these days with rogue software applications popping up every day,nope I'm not convinced at all. Comodo's reputation is hardly anything to be proud of.
     
    Last edited: May 17, 2009
  16. ypestis

    ypestis Guest

    Do Verisign,Godaddy or Geotrust offer end user security programs?
    Its really the Ask thing again
    Its OK to be a criminal defense lawyer.
    Its OK to be a prosecutor.

    To be doing criminal defense work,while employed as a prosecutor has at least the appearance of impropriety.

    It is OT, but look at SpywareTerminator.
    not that they do not have other problems, but the
    crawler toolbar is still an albatross for them,and this long
    after Crawler is supposed to have reformed.
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Two things
    1) understable, not good, but as worse as their competitors

    b) What a marketing misser, let me explain
    SO they issue only a very small number, for $15 each. So for a small profit share they risk to negatively associate their other business initiative: security software. Remember they must have invested serious money in developing freeware FW/HIPS/AV.

    So in stead of seeking public attention/free publicity with the fact that other companies show bad practise/have bad company norms and values. They could have had a massive USP as being the only trusthworthy company in that field. After all it is only a small income of te Comodo company those DV certificates!

    Imagine what a nice scoop this would be for PC magazines, on-line magazines and possibly even popular tabloids?

    Comodo can change their tag line, from making available security for everyone to applying web / e-business deciet for everyone!

    Boy the marcom department of Comodo is really a bunch of empty heads.
    a) profit of being as bad as the competitors is problably less then the investements made in CIS (scenario being as bad as the competition, can damage our investments in CIS)
    b) value of free publicity problably exceeds loss of income of those DV certificates (scenario Comodo being more thrustworthy as its competitors)
     
    Last edited: May 17, 2009
  18. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    lmao?

    Comodo jumps into the practice of issuing security certificates to MALWARE DOMAINS, just because it wants a share of the big buck$$$ that VeriSign and GoDaddy were raking in from doing so. Instead of being the one CV company that refuses to consort with malware writers, Comodo decides that the $$$ is more important. Very innocent and online trust-building indeed.

    I'm looking forward to the comedy that their clown of a CEO is inevitably going to spew out to justify his company's actions. :D
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Eice that is the stupid thing about it, Comodo only issues few DV certificates! So it is not for big bugs, but for change money.
     
  20. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    Then again, sometimes you really have to wonder. The malware guys are making money by the truckload, and I don't think they'd hesitate to pay "special" rates for a certificate for their domain.

    Wonder what's coming next: D+ subtly allowing malware by default, and Comodo getting paid for each installation?
     
  21. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    Simple. Just have Melih take the grandstand, claim that it's a bug in D+, and dramatically promise that it'll be "looked into" and "fixed immediately in the next version". Or just have him spew whatever crap he wants, or even threaten to sue Avira/MBAM/SAS, it's not like the Comodo fanboys have ever doubted whatever outlandish poo he spouts anyway.

    Meh, hopefully someone else going to continue posting Melih's responses here or link to them. I'm kind of not enjoying the idea of having to wade into the Comodo forums to get my dose of Melih comedy.
     
  22. 3xist

    3xist Guest

    https://forums.comodo.com/general_d...own_malware-t39564.0.html;msg286775#msg286775

    https://forums.comodo.com/general_d...own_malware-t39564.0.html;msg286782#msg286782


    The problem is people don't understand and buy DV.. That's why Comodo put themselves on that channel so that they can catch DV buyers and try to educate them. This is why you see Comodo has so little DV certs out there.

    www.ccssforum.org that Comodo Set up, Will be a great forum for Vendors to help mitigate these issues. Because atm, There is NO communication between Vendors, likes of AV Vendors and CA's.

    Cheers,
    Josh
     
    Last edited by a moderator: May 17, 2009
  23. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,631
    SSL certificates do not mean the site is good or bad. They mean that the site identifies itself properly. What goes on the site - the content - is beyond the CA.

    However, some CA can have additional policies, just like hosting providers can have policies regarding porn, malware, gambling, etc. Some allow it, some don't.

    The fact you connect to a site named https://whatever and it is properly digitally signed, this means you're at the right site. This means that if you are going to provide sensitive info, you are going to do that against the server you expect, this rules out phishing and identity theft and whatnot.

    For example, you wanna buy some adult material online at site xxx - you go there, fill your shopping cart and proceed to payment. You want the payment method to be secure, encrypted and against a validated server. Someone has to validate that server, even if you morally object to adult material.

    Personally, I think it would be nice if companies validated the domains they sell the certificates to, including content etc ... but in a way this hurts the freedom of speech and whatnot. For example, can a racist site be allowed to have an SSL certificate?

    Whatever the moral choice, there is the user at the end:

    - You go to sites you want, no one forces you.
    - You download programs from sites you want, no one forces you.
    - You install programs you want, no one forces you.

    I saw a link to some http site earlier with some antivirus 2009 or something. First, http is not a secure site by definition. Second, why go there in the first place and download the program? An entirely user's fault.

    Nevertheless, the recent bout of ask toolbar and this certainly do not help Comodo credibility in the long run. But there is no easy money. Some people just forget that.

    Mrk
     
  24. 3xist

    3xist Guest

    I suggest people to read over my posts carefully in this thread, To understand this situation.

    Josh
     
  25. 3xist

    3xist Guest

    THANK YOU! :)

    Anyway I'll stop my post here as I posted enough information. :) And Thanks again Mrk for clarifying further. Anyone have any other issues regarding this issue, even when they read my posts, can PM me. :)

    Cheers,
    Josh
     
    Last edited by a moderator: May 17, 2009
Loading...
Thread Status:
Not open for further replies.