Matousec latest

Quote from matousecs' results

That doesn't sound partial to me. Judge for yourself .

If this quote isn't permitted, please remove.

 

Comodo does NOT pass all leak tests on high settings.
I tested this myself on the current stable version 2.4
a few months ago.
If it passes all leak test why is there only links to two of them on there site?
There should be links to all of them. Then the users will see the truth.

 

- test yourself, breakout leaktest use same technique.
- open "Run..", copy one of this line to, depend of your browser, copy with quote.
- pass ?

"C:\Program Files\Opera 9\Opera.exe" -url "http://www.dingens.org/breakout.html.en"

"C:\Program Files\Mozilla Firefox\firefox.exe" -url "http://www.dingens.org/breakout.html.en"

"C:\Program Files\Internet Explorer\iexplore.exe" "http://www.dingens.org/breakout.html.en"

Judge alone, and not to believe in everything that tell you!

 

Bump... there's no answer?
Can somebody declare, this famous firewall (Comodo) pass or not pass this test in above post?

 

Wasn't Comodo made to pass the general leak tests?
I ask out of sheer ignorance and have no motives to po-po on Comodo.

 

Yes, this will quite probably pass the firewall. Why? Because explorer.exe (and therefore the run window) are on the known trusted applications list- BY DESIGN. Any non-trusted application will fail to do so.

 

All of this hoo-hah regarding CPF is getting silly. We have been offered for free a piece of security software that for all intensive purposes blocks the huge majority of current leaktests, a great concern to many users. And it's barely a toddler in the industry. I just don't see the point of argument. You guys would complain if given for free a bar of pure gold that it was too heavy.

 

Not quite probably pass! This test realy shows as a vulnerable is Comodo firewall! You have touched really matter that I wanted to say as first (first of the so many) problem of Comodo.
Do you know that Comodo contain over 300.000 applications on the known trusted applications locked list- BY DESIGN! http://www.comodo.com/news/press_releases/21_03_07.html
Do you know that hundred of this applications can perform (if you know how) upload/download without your knowledge, and Comodo remain very silent.

I have tested only browser and svchost.exe , I have not time and wish to test many other applications, but if these two applications do it, also all others can always do it in any moment.

I wanted to say that here it doesn't deal with, if it intercepts or it fails one or more leaktests, we speak here of hundred (without combinations, without touching Hash or integrity of application) firewall hole.
If this is not enough? can we discussed some other failures of Comodo, but I think that all Comodo user for first must digest now this (number impressive! is true must say!)

Who doesn't believe, and knows how to do, can perform test with any application (more that 300.000), this is good - BY DESIGN, LOL.
Say the truth this problem doesn't touch only Comodo firewall but all the pre shape firewalls.
As we here speaks from "best" of the best, and bar of pure "gold", but all that glitters is not gold! Please, to all Comodo user and fan do not ruffle immediately, this is just informative, there is nothing amiss.

PS:
Mr. Malware you are right, what you say? are enough for they 30 holes? LOL.

Have fun...​

 

With all your knowledge, could you tell us some Firewall names that are better than Comodo ?
Must be a lot of them, but 2 or 3 names would be enough.

 

Thanks hiro. Exactly, that's what I thought!!!

Even if its free and leaks its totally useless. I could name a few other things that are wrong too.

1. Uses 20+ MB Memory
2. No easy to to save configuration.
2. The logging is a joke.

A free bar of gold is totally different. At least its useful.

But, that's why I switched to Linux, I don't need 5 security apps to babysit and don't waste my time with Windows.
I don't even have an AV installed, don't need one, it's Linux!!!

 

Okay, so what, exactly, does this mean? Someone please elucidate me. I don't use Comodo, but I use a different fw, and the connection was made to remote server. SSM logs reveal explorer.exe launches Opera. That's not exceptional. It needs to launch Opera. SSM logs also reveal some thread activity with svchost.exe launching Opera. I have no idea of the ramifications of this. Under the circumstances, is this expected or not expected? I had to manually enter the command string into Run menu and manually hit Enter for this to work. Please explain - step by painful step - how this vulnerability could occur via some malicious process (trojan, worm, unpatched browser...whatever). I need more information so I can better understand this and judge for myself if this is really as dangerous as some of you make it seem. Please!

Remember. you guys are flying in the face of the illustrious Matousec, the security expert who speaks in glowing terms of Comodo's leaktest thwarting abilitys. Here is your chance to shine by providing indisputable evedence that Comodo, and perhaps some other firewalls, just can't cut it in the face of elaborate attacks. I say this because I just can't buy into a simple copy-paste test that must be manually entered to function. I'm not doubting; I, for one, need some concrete evidence before I buy into these claims.

 

Hi, wat0114

Do you remember Joe Public and dancing pigs discussion?
Is nearly identical, where trusted application force another trusted application
to make a job.

Matousec work very correct!

 

Yes, I remember that discussion, but trusted applications forcing another trusted application is built into the MS O/S, so what can be done? Explorer.exe, for example, launches just about every conceivable application on your system. If you deny that, nothing works. There are many other cases involving common MS processes required to influence trusted apps, so it's a catch 22.

Then you say Matousec's work is correct, but it seems you are criticising Comodo's (the top leaktest rated fw in his testing) filtering ability, or do I misunderstand?

 

Too heavy, too shiny, and doesn't stop radiation

Hiro, Comodo gives you the choice. Turn safe list off..
Now you say it doesn't pass a leaktest that the same guy you praise for testing it, says it does. Go figure.

Oh and those two tests on their website are made by Comodo. You won't find others for obvious reasons.

 

Hi, wat0114

To agree with you for some case, but if you have over that 300.000 application in your trusded zone, do you know how much shoot up vulnerability?

Yes Matousec's work is correct!
Yes Comodo is very strong against leak-tests but in fact it is very weak against real malware!
I understand your disappointment with Matusec test and results for Outpost fw, but is correct!
You must take a decision to believe your fw developer or fw tester or must you test alone to confirm all this.

 

Hi,Pedro

I know this, and I know how to configure Comodo, but if you do this, then you have many popup, and many question, many users do not be fond of this.
If you use it with safe list on, your box is like castle with closed entrance door, and with hundred opened window!

 

hiro,

you can define the "Alert Frequency Level" to Very Low, and then you will have less alert windows...

 

Hi,VaMPiRiC_CRoW
Thanks, I repeat, I not need fw usage instruction. I'm not Comodo user, I'm a nasty little boy that perform some little test with it! And she fail an exam!

Now I have some question for you, if you disable this? if you enable that? who to be of use over 300.000 trusted application? for what purpose is here? for what Comodo get to update this list?

 

That list is to avoid alert windows for new connections and for the future HIPS feature...

 

No, no VaMPiRiC_CRoW is not the right answer.
Right answer you can read here:http://www.comodo.com/news/press_releases/21_03_07.html
from Melih, Comodo developer.

 

hiro,

I already discuss a lot of times with Melih about this, and the started purpose was what I have said, and to help users to make decisions...

If you use the "Run for know applications", the firewall will allow the traffic for that programs, so...

 

We be near there why I say; is vulnerable!

Why it isn't so much a warning as a threat!

 

But there is no need for anyone to trust anything. By this, I mean it is possible with the right firewall (Outpost, Comodo, ZA, LnS, Jetico, Tiny...etc, etc) to trust nothing. As you know, I use OP and with it I create my own custom rules (saved as a config file) for everything. They are reasonably restrictive but not ridiculously restrictive rules. However, not everyone knows how to do this, nor does everyone want to do this, therefore the trusted applixcations lists and automatic rules options available for beginners.

It doesn't bother me. I'm still waiting for Matousec or someone to provide a detailed explanation of how those leaktests could launch via trojans or some other malware. A video would be nice. Then I will lend a little more credibility to them.

 

Ok, nasty little boy. Again my question:
can you name some firewalls better than Comodo against real malware ?
Your tests may have found some of them. Or are all firewalls more or less weak, and Comodo is only a little better than the average ?

 

Hi, Clweb
To give the suggestions is always ungrateful, do you know the old proverb?
"Lawyer not called, comes with the **** paid!"
But, if everything is true in your post, I see that you already using the best real free firewall, if you have made count!
It doesn't care as I will be paid for this!