Comodo - you are fired!

Hello everyone!

Thought I'd share this bad experience of mine with a security firewall which I have used for such a long period of time without any issues whatsoever. And it was also a piece of software which I always have praised for its effectiveness and toughness.

Yesterday, I decided to finally downgrade to Windows 7 from 8.1 for some software compatibility issues (360 IS is incompatible with Update 1). After installing all the drivers and necessary software, it was time for me to install Windows Updates. It searched for like 144 Updates, and then began the updating process. After all the Updates were downloaded, it started the installation process, but after some time, I figured out instantly that something was wrong and the installation was taking way too long. The CF was blocking some process/service which was the root cause of all evil. I had to manually tell CF to trust the file and let it run with full authority, but the pop-up kept coming up from time to time which was weird given the fact that I already had given the nod to trust it. But still, I gave it more than enough time to complete and went to sleep. After I woke up early in the morning, I got stunned to see that the installation process was still stuck at "installing update 22/144," and the same process/service was being blocked/sandboxed by CF over and over again which didn't let the task complete.

Now, what I still fail to understand is, that how come a top firewall like Comodo act so dumb or stupid that it's not even recognizing Microsoft's legit files anymore? Fair enough, if the files are unknown, then it must block or sandbox them immediately. But it should never ever be interfering with Windows Updates in the first place. This is really so disappointing. It wasted so much of my precious time and crippled my system to the point where I had to do a clean install again today.

Now, I'll never ever be using it again in the near future or at all. Because to me, CF has become a pretty dumb piece of software.

 

Back when I was still using OA I also got the same problem. I've trained it and built a whitelist, but even though all Windows components which are required to do an update were trusted, the update still stuck. There might be something blocked by OA in the process of booting. I don't think it's the problem with CF. Security software might interfere with Windows Update sequences. The solution is to temporarily disable the HIPS when doing an update, then turn it back on after it's finished. Also, a suggestion, but perhaps this is a good reason to start using a drive imaging software so you don't have to re-install the OS when something goes wrong, yes?

 

The HIPS was already disabled.

 

Was that including the behavior blocker (auto-sandbox)?

 

Not the Auto-Sandbox.

 

Temporarily disable it as well.

Just a personal opinion of mine, but based on my experience, the auto-sandbox feature does more harm than good. I even disabled it all the time and just used D+.

Spoiler

D+ has its own problem though.

 

The Windows Firewall will do the job for me.

 

I experience a similar issue with Cfw when in Event Viewer and I click Event Log Online Help. No matter how many times I tell cfw popup to allow as a system app, and do not isolate again, it still blocks the connection unless the sandbox is disabled. Very annoying.

 

Comodo's HIPS set on disabled will not turn it off; it will just "sleep" and let the BB take charge until the BB can't decide then the HIPS kicks-in.

 

I had the same problems with CIS blocking Windows updates. It also failed it's own leak test and blocked my other devices from accessing my computer. I now use PrivateFirewall.

 

CFW a dumb piece of software? An individuals computer configuration, installed software, and in many instances, how the dumb piece of software is configured by the end user has as much to do with such issues described as anything else. The last time I looked you can find a similar post, made in this forum, in regard to just about every security product ever made. Maybe we should throw all that dumb software into a pile, light it up and have ourselves a clam bake.

 

If it can't differentiate between legit and bad files, and on top of that, disregards my inputs over and over again, then it sure is dumb.

 

This is an isolated issue not how comodo works by default, so you did something wrong or it's a bug.

 

CIS often doesn't release apps that get sandboxed but are found whitelisted a bit later. AMD Catalyst components, Intel AHCI drivers and few other things often get stuck in their sandbox and you have to make system restart to release them.

 

Originally posted by guest:
This is an isolated issue not how comodo works by default, so you did something wrong or it's a bug.

Exactly guest. Many times it's the end user and not the software with the issue, but by all means, bash the software for being dumb. That is much easier than actually taking the time to figure out the problem. Asking for help would be a novel approach, but I'm guessing that by doing so, it might just mean the end user is accepting a bit of responsibility.

Originally posted by RejZoR:
CIS often doesn't release apps that get sandboxed but are found whitelisted a bit later. AMD Catalyst components, Intel AHCI drivers and few other things often get stuck in their sandbox and you have to make system restart to release them.

An intelligent, helpful and reasonable, possible solution, that may or may not fix the issue. The point is, both guest and RejZoR know quite a bit about how CIS works, not to mention how it might best be configured. If it were me, I would ask for their help. Chiron's easy to understand guide for the installation and configuration of CFW can be found here: http://www.techsupportalert.com/content/how-install-comodo-firewall.htm. Then again you could chalk it all up to dumb software.

 

sooner or later all Internet Securities will run into bad trouble... my experience. i wont spend any buck on such software any more - windows 7 and windows 8 have their own pretty good security mechanisms. a sandbox for testing purpose and some on-demand added will fit the needs.

 

First of all, let me tell you this Mr. Stephen Tony that I do really know very well how to use CF, as I have been using it for quite a long time. It never gave me any such problems in the past, but may be, the new version is problematic or just not smart enough.

As for the problems on my side, I don't think so because I always have used Chriron's settings without any issues. I am not using it for the first time.

The latest version isn't good enough. It's as simple as that. It shouldn't be interfering with WU and blocking/sand boxing legit files by Microsoft. That's unacceptable for me, and more than that, if it continues to ignore my inputs, then it's again just a dumb piece of software.

 

I think the point being made is that this isn't universal or default behavior for C.I.S. and is therefore a localised issue,so calling the product inherently dumb is incorrect.

That's not to lessen your sense of frustration as is the case with anyone experiencing problems with a particular product.

 

Yes indeed Comodo does on occasion not recognize legitimate files (I guess perfection escapes them) and will Sandbox them. However it is very easy to rectify this: When the BB alert comes up you will notice that the file (or files) will be listed in the Unrecognized Files section on the main GUI. To get Comodo never to sandbox it again:

1). Click the number that is showing up on the Unrecognized Files line
2). Click the hidden menu thingy at the bottom of the ensuing screen
3). Select "Move To", then " Trusted Files"

Not especially a great burden.

 

It still was sand boxing that particular file. It was hell bent on interfering with WU for some reason, which is beyond me. It never did that in the past. I have used it for a long time.

 

Weird story. Overall, I also think that Comodo is a bit too dumb, with that I mean, too intrusive and aggressive. The developers should fine tune it, so that stuff like this can´t happen.

 

Originally posted by andyman35:
I think the point being made is that this isn't universal or default behavior for C.I.S. and is therefore a localised issue,so calling the product inherently dumb is incorrect.

That is the point, you are correct. Sher has compiled quite the laundry list of smear posts and it's not appreciated by anyone. Frustration is one thing and I agree that expressing this frustration is fine, up to a point. When you go beyond frustration into bashing a product with no thought given to what you are saying, then I draw the line right there, and so should other members who frequent this forum. This forum was not created for the Sher's of the world to make poorly considered remarks against a security product and/or the company that produced it because they were frustrated. Sher is often frustrated and this is an example of how this person expresses him or her self. I think many of us read the Comodo remarks so I will not repeat them.

Originally posted by Sher:
Got my system screwed once more by 360 IS and it was a pain the back side to recover it in the end.

Originally posted by Sher:
Screw Microsoft!

I could go on but I think we all get the point. Many of these poorly considered comments are slanderous in the truest sense of the word. You cannot continue to make statements such as the ones listed here, and I only posted a few. If you have something to say then back it up with some real world facts. Many reps from security companies frequent this forum to lend their knowledge to people here, and in most cases to help people who are having issues with a particular product. You can make thoughtful remarks about a product and at the same time express frustration without it degenerating into vitriolic speech. If we all spoke as Sher often does then many of these reps would avoid coming here at all. Why should they? They can take constructive criticism as they should, and they do expect it. But posts like the ones made by Sher are not constructive in nature and should not be tolerated. Period! Sher, you take absolutely zero responsibility for any of the poor results you have encountered. Do you really think its not you but the rest of the world that's wrong? In this scenario the rest of the world would be all the security products, the companies that make them, and the majority of forum members here at Wilders. I truly do not want this to turn into a flame war which accomplishes nothing. All I am asking is that we acknowledge this kind of behavior has no place here. I am saying that to you Sher because I think you can probably do better. You should at least make an attempt at expressing yourself in a constructive way and talk about facts. If you are having trouble then ask for help. There are so many knowledgeable members here that would offer help so fast it would make your head spin. I know many of the people here and they love nothing better than lending a hand to another member. Please stop the bashing and give some regard for the negative impact it has. I don't think you want a reputation for making stupid comments as your signature in this forum. What do you say?

 

A LOT of work so you can run a product that isn't properly maintained, don't you think? Easier to just uninstall that crap, toss on MBAM+Immunet for a few months until they actually fix their product. I cannot believe anyone would downgrade an OS over an AV product!

People will eventually learn 360 will cause more headaches than anything you could install on your machine. Seriously. Trust me on that one.

 

My personal opinion regarding use of firewall (for novice home users only)
1. Have faith in Windows - MS is .... great.
2. Resist temptation - the most difficult part, but follow the Bible.
3. Control your mouse & fingers - practice it when in bed.
4. Use Sandboxie if you can - even I can manage it.
5. Back up all your data regularly & hide it out of sight of your spouse.
6. Be ready to re-install Windows when neccessary - you may feel like getting a new GF.
7. Hope for your AV to catch some bugs - they actually do such things even for free.
8. Pray to the Almighty to divert malware elsewhere - (read your enemy & ex).
9. Always maintain a respectful distance from 3rd party FWs & keep your sanity.

 

Keep your personal attacks coming, you Comodo fan boy! I am least bothered about it. I stated what I felt and would continue to do so in the future. Fair enough, you find my posts stupid, simply ignore them and move on. You are not the Godfather of this forum and don't try to be so! And I am not going to indulge myself into this stupidity started by you. That does not make this forum a wonderful place either!

May God give you peace and some tolerance!

@DoctorPC: Fair enough, you find 360 IS crap just like I recently found out Comodo being dumb. Different experiences, different opinions. I respect your opinion, in the end. No problem with that.

But some die hard fan boys seem to take it rather so seriously.