Comodo Firewall Privacy Intrusion !?

I personally do not post BS/FUD. although I know some whould like to make it look like I do.

OK, if we look at a direct connection to the Comodo forums. this is the chain of events/connections:-(I made no attempt to search the forums, I simply went to the site):-



You will notice the first re-direct onto HTTPS is to 72.14.215.97, this is Google (Analytics), http://www.google.com/analytics/ information gathering.
This can be seen as no big deal, but for me, on a security site, there should be no re-directs to 3rd party logging sites, and I would still like to know the info contained in the HTTPS to Comodo.
The last time I checked these connections while Comodo was installed, I did notice an increase in data transfer,.. maybe just a coincidence at that time? I will try to find time to re-install Comodo and re-check.

 

On Comodo forum Melih and company have respond about this discusion.
For they all this is only FUD.
OK. I have first concrete qustion for boys on comodo child forum:

1. when registration popup appear, and I enter email e.i. comodo@comodo.com, after reboot is created
thread "auto dial" /products/!PlaceOrder?emailAddress=&1_PPP=180&licenc>, and begin hiden connection to secure.comodo.net?

To Melih and company.
On concrete (first) question I await concrete answer!, not only br br br and how you wasting your money building all these top notch products for free, and how you wasting your money to make world better.
And how all this is only FUD.

 

I posted something similar on the Comodo forum, but I saw that Agnitum.com (makers of Outpost firewall) also uses Google Analytics. But they reveal that in their Privacy Policy.

"Cookies

Agnitum websites use Google Analytics, a web analytics service provided by Google, Inc. (”Google”). Google Analytics uses cookies to help us to analyse how users use Agnitum sites. The information generated by the cookie about your use of our sites (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our sites, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of Agnitum sites. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. "

http://www.agnitum.com/privacy_policy.php


I wonder if Comodo uses IP addresses in the same way? (i.e.- sending the IP addresses to Google) FWIW- use of Google Analytics is not mentioned in the Comodo Privacy Policy that I read.

 

Google Analytics does not use cookies (well certainly not on their own), it uses embedded script (tracking code) within the webpages of the sites, so all trace info and browsing of the site is sent directly to Google.

Have a search for "Google Analytics", you will find some interesting reading.
Here are just 3 examples.

 

Now you are producing something
What answers do you get from Melih at comodo forum? Please provide the link (at comodo forum) to where you ask these questions so I can follow.

 

Hi ,
Just read CEO reaction, poor devil.
http://forums.comodo.com/help/phoning_home-t11317.0.html
Relax Melih relax, what is happening? you have a fit of anger?
we've so much question further, we've plenty of time, relax.
Is not pull off.
Melih, did u just tried to piss off yourself again?

Yours sincerely President of Kukuland LOL.

 

Before anyone gets all in a dither, check out the post in the Comodo FW forum entitled "calling home".

 

If you enter an e-mail address into the popup (which also has an option to "sign me up for news of Comodo), then would this not indicate that you want to register the firewall, and to register, the firewall would need to connect to the comodo server. As I have posted, when I have installed Comodo, with no e-mail entered (and the sign me up unchecked) I have seen no attempt for this connection.
I would also question the "Hidden connection", as I would need to know the installation made, is the installation made with "automatically allow known applications"?, or is a scan made and the comodo applications are added to be allowed?, or what rules are in place for the comodo applications?

 

I cant see you posting there? What nick do you use? Why dont you post your concerns directly in their forum? All you have to do is to write your concerns in a civil manner and ask for an explanation. It seems pretty pointless to come here and make accusations instead of confronting "the bad guys" directly. Whats the point in making those disparaging comments about Melih, here? How will they help you get answers to your questions?
Not knowing so much about hidden connections and stuff, so I actually for a second thought you had something in your last post, but it seems it wasnt as simple as you put it...

 

Hi sukarof,

Saying a firewall is making hidden connections is quite a strong accusation, it would infer that the firewall is bypassing user rules (Hard_coded) or making some form of injection into another application to make this "make a connection on its behalf", there are of course other forms/ways of possible outbound bypass (look at leaktests).
I have not seen any of this with Comodo, but I still check on each release (as I do with any other firewall), and if I did find any form of hidden connections, I would certainly post the logs etc for this.

.

 

I assume that my internet connections are not totally private. I assume that software I have loaded myself (not malware) may do some tracking.

However, unique identifiers are another matter.

One final point how is the data being used. A very key question no matter what you are using and where you are going or what business you are doing. These are all important considerations.

One can be overly alarmed about such matters imho.

 

Just did some Spyware Doctor scan today ...

http://img522.imageshack.us/my.php?image=20070808200520ng1.jpg

Also I should precise that I had uninstalled Comodo already ...

 

Ladies and gents,

If this discussion is to continue it will do so without the back and forth linking to the Comodo forums and a similar discussion. I would also ask that if accusations are to be made....it is prudent for the accuser to provide somewhat more than just lip service. Otherwise one could characterize those words as FUD also.

Once again....this discussion can remain but without the somewhat forum flame war material\links being posted.

Thanks,
Bubba

 

OK, relax and we go from begining, because all what I say is a FUD.

Comodo firewall create and sends a unique ID number that' embedded in each copy of the program; the server logs the ID, then sends back a new number that gets patched into the code, allowing the creators to track the program as it's re-distributed across the networks.

Unique ID use a scheme to send information from your computer to a company called Comodo. Even after uninstalling the software.

Everytime you launch your browser and visit Comodo site or comodo Partners site server logs the ID, and tracking where you go, what you do, what software you are using.

Users each have a unique ID that lets Comodo know who is online. which applications they are using, sites visited, and for how long they are online. This also allows Comodo to deliver specific advertisements to specific users based on their criteria...."

What my thought is: invasion of privacy, and a few others. Since they are using your computers processing and storage without your knowledge or permission.

Finally, I urge Comodo again to be open and honest in your response to this situation. Fully disclose and publish details of the Unique ID and where is stored on user HD (not my, I know).

This is not FUD, Comodo recognition existence of Unique ID, question is just where?
Because must be secret, is on user PC, and is benign no?

 

I don't use Comodo (I did in the past but my PC has been wiped clean and rebuilt twice since then)...anyway....if you know the location of the Unique ID why not share that info here so that others who do use Comodo can look on their PC's for this ID?

 

If the highlighted is true, I expect as much "backlash" as KAV's-id/tags-fiasco. Sharing info with 3rd-parties is one thing, but even after uninstalling I'll re4mat if that is proven true!!!

 

Hey man, I have a NAME, that doesn't mean I'm spied. I'll have a name even when I'm dead. So what Is it a leak of privacy. DON'T PANIC!

 

What

 

Hi, folks: I just just wish Hiro's findings were not true, but...what if it were to be so, especially that unique ID thing is so unique that it remains in your box even after comodo fw has been uninstalled? Folks, what else security applications can we trust from now on? It is not just a privacy intrusion, it IS a VIOLATION of Privacy, very serious charge! We, as end users should be worry, but the cyber security app developers as a whole should IMO team up together asking Comodo to clear up the air, and once for all. A self-regulatory body should be set up to police their own breed, allow ONLY those with same feather to be flocked together. A wake up call to all of us indeed. Like my elderly mother always says do not trust anyone unless you know one inside out. Her theory holds true in this incident. Have a smart thinking.

 

Not to barge in, but I think the other message post was stating that just because you have some unique identifier (such as a Social Security Number), that does not, in and of itself, mean that you are being tracked or spied on. But the internet is one tangled web and there are many interconnections that we are never aware of. People make $$$ by referring or sharing customer information with others. It's a fact of life.

 

For those interested in ideas on how to block Google Analytics see posts 6,12,15,18 from this current thread. https://www.wilderssecurity.com/showthread.php?t=182089

innerpeace

 

this information is very hard accusation.
and since comodo never extend their hand on this website to depend their firewall, I said i remove for now the comodo freebie in my old laps.

i dont want comodo monitor my visited porn site.

 

Hiro, it would be nice to show some evidence about what you are claiming (logs, HTTP sessions, etc)...

 

@ the President of Kukuland

you have alarmed quite a few users here, I already saw fear, uncertainity & doubt on this thread. And people are actually uninstalling Comodo firewall because of this!?
So, you say this is not FUD?

I believe this thread should be closed, so hiro could start a fresh new one, but this time in a proper way. A proof in post #1. No excuses and no more talking.

BTW, what's this? -

What's a 'hidden connection'?

EDIT: Just to add.. remember "Outpost suite rootkits" thread, hiro? I do...