Comodo Cloud Antivirus Beta Releases

Discussion in 'other anti-virus software' started by wasgij6, Nov 4, 2015.

  1. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,154
    Location:
    Toronto, Canada
    The latest Comodo Antivirus bits from Tavis Ormandy:


    Link: https://twitter.com/taviso/status/703339716779704320
    Link: https://twitter.com/taviso/status/702625527501189120

    I have a feeling that we have a whopper of a vuln-report on Comodo coming soon (again).
     
  2. hjlbx

    hjlbx Guest

    COMODO is under a lot of pressure right now - on their forum, on the net.

    Melih stated on the forum that DEP\ASLR would be enforced for next version - CIS 9.

    I'm sure there is a whole lot of other vulnerabilities to be discovered.

    I really like COMODO, but I won't use it. It has a serious "disappearing" rules bug.
     
  3. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Well, if we talking about the beta's then I see no ground to complain, just report. We all waiting for a CIS 9 beta to report and test ourselves.

    There is also not always a benefit of using DEP/ASLR but people don't know how such things working and want to troll just because other products may use this.

    The mentioned twitter guy also re-post just stuff without mention that some or most of them are already fixed. Like the VNC problem or simply not mention that you can uncheck it with the setup - because not everyone need GeekBuddy.
     
  4. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    504
    Are you referring to the hips rule bug?
     
  5. hjlbx

    hjlbx Guest

    Yes. Not just HIPS rules, but Firewall and other user-created rules in CIS.
     
  6. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    504
    I checked the hips rule hours ago and noticed they were gone. Closed the interface and opened it again,this time the rules appeared. The rules in auto-sandbox don't seem to have any issue, they still appear even when hips rule don't.

    Do you know whether rules are still active even when they don't show? If they aren't, then that's incredibly major bug
     
  7. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    940
  8. hjlbx

    hjlbx Guest

    Yes. They are still active - until they disappear and do not reappear. Everytime I have seen this happen, Training Mode starts creating rules all over again.

    In my testing file objects, firewall rules, sandbox rules, etc, etc - have all had the same problem at one point or another.

    I tested CIS very thoroughly...
     
  9. fmon

    fmon Registered Member

    Joined:
    May 5, 2013
    Posts:
    1,157
    Comodo has always been full of bugs and false positives, if you report a bug they get angry. I don't trust them anymore ...
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,869
    Location:
    The Netherlands
    I need to correct myself, this feature is not turned on by default, it gives you an option to select trusted signers.
     
  11. bigwrench9

    bigwrench9 Registered Member

    Joined:
    Oct 28, 2009
    Posts:
    68
    Exactly!!!
     
  12. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    940

    Fully agree with that, Comodo has done enough to be considered "shady", their products and the company itself cant be trusted.

    http://www.pcworld.com/article/2887...-tool-privdog-compromises-https-security.html
    http://www.geek.com/apps/google-calls-out-comodos-secure-web-browser-as-anything-but-1646373/
    http://www.infosecisland.com/blogview/15106-The-Demise-of-the-Antivirus-Industry.html
    http://arstechnica.com/security/201...rtificate-fraud-calls-ca-trust-into-question/
    http://www.fark.com/comments/8610301/Comodo-goes-SuperFishing

    I think no security vendor has ****** *** Tavis Ormandy from Google Project Zero more than Comodo, just look at his Twitter and laugh.

    Example:

     
  13. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Can we stop saying Comodo sucks, if you not like it simply not use it or provide own stuff and not re-spell the same things other people wrote (especially all of these is outdated and already fixed). On beta products it's normally that there are some bugs, I bet they working on it. It's not helpful to count on this, code yourself stuff and link over here I bet I will find something in the first 60 minutes.

    I tested Cloud Antivirus myself and it works well, there is only one bug and of course a little bit false positive but tell me a program which not suffers from that you can't - it's depending on samples and reputation.
     
    Last edited: Feb 27, 2016
  14. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    940
    Yeah I wont use, but ofcourse you are free to install and run in your machine.
    Good to see that the Cloud antivirus is working well for you, but I am entitled to have a opinion about security software without needing to be a developer or a security researcher myself.

    I dont have the necessary expertise that someone like Mr Tavis Ormandy has, but I can clearly see and judge when something is bad , the Comodo records speaks to itself. The links that I have posted is all about reputation and trust, if you think that it doesnt matter, I can conclude that we simple have different values and anymore discussion would be irrelevant.


    Ps: I have a good memory, I cant simple ignore Comodo history, some Wilders members may have this same feeling. (remember Comodo DACS? Kevin McAleavey insights?)
     
  15. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    That security risk you always talking about is closed, how often you mention it again and again? Should I give you exploits and examples about Kaspersky, Eset fails and over and over say that there are also security related issue in the past which lowers your PC security? Please wake up, nothing is fail-safe, it's a question how fast this gets fixed and the mentioned hole isn't that critical at all because inbound traffic is by default blocked in Comodo, which means even there is this one port open it not means an attacker could sent stuff over this without that you notice it, I guess that was not mentioned in the issue ticket.

    Of course it's always about trust, if you not trust then not install it, that's why I not need and use any of such pseudo products, I only test and all I can say it's how good or bad it's working.

    So please come the hell down with this, there was critical leaks in all products not only Comodo. 10 second google and you will find critical things in each product, but seems some are more hyped than other because people constantly trolling with this without even knowing that what they talking may need additional things to really get 'risky'.

    You malwarebytes product you have in your signature also had recently that leak so what? We could be thankful that Project Zero exist and that some people really test the products and inform that there are possible things that needs to be fixed.

    Back to topic now. :)
     
  16. fmon

    fmon Registered Member

    Joined:
    May 5, 2013
    Posts:
    1,157
    Very interesting links, thank you.
     
  17. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    940
    Malwarebytes Anti Exploit (MBAE) isnt Malwarebytes Anti Malware.

    I get your point and you are partially right, but things arent so simple, anyway lets go back to the topic ;)
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,869
    Location:
    The Netherlands
    Even though CCA looks OK, I have to agree with this, we can't just forget about the PrivDog disaster. I would never advise anyone to install Comodo products. Especially if they are less knowledgeable.
     
  19. So you are saying that this Comodo product final release actually is a final? That means that they have got grip on their quality issues.

    Everyone can change. Even Windows Defender slowly turns into a solid AV, so why could not Comodo turn into a solid software development company? So they disabled cross site scripting protection in their Browser, Everyone makes mistakes, big deal :argh:
     
    Last edited by a moderator: Mar 7, 2016
  20. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    541
    Location:
    United States
    Thought about giving CCAV a test drive as a replacement for PCAV, but installer says it is incompatible with existing comodo internet security installation. Kind of figured there would be an issue between the HIPS and sandbox visualization components. But I sort of expect things to be a bit more modular, in the sense that CCAV would use the same HIPS and Sandbox. If they can resolve the incompatibility and fix some of the other larger issues including bandwidth consumption and problems with the exclusion list then I'll consider revisiting this at a later point.
     
  21. phalanaxus

    phalanaxus Registered Member

    Joined:
    Jan 19, 2011
    Posts:
    499
    Any news on the Ormandy front ?
     
  22. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,154
    Location:
    Toronto, Canada
    You don't want to hear this. lol

    Source: https://twitter.com/taviso/status/708053228001300480?lang=en
    https://pbs.twimg.com/media/CdOCqLaVIAAEZAR.jpg:large

    EDIT: Also, some interesting conversation has stemmed from one of Tavis' recent tweets, conversation between him and one of the Avast guys.
    Link: https://twitter.com/taviso/status/708719788302831616?lang=en
     
  23. phalanaxus

    phalanaxus Registered Member

    Joined:
    Jan 19, 2011
    Posts:
    499
    @WildByDesign
    Thanks mate. What baffles me most is there is not any answer (not even a doubtful one) from comodo to these findings.

    About the discussion with the Avast employee, I think Ormandy is exaggerating that part. Really how many people are infected via targeted attacks ? I don't think the number is even comparable to the nontargeted attacks. (Feel free to give any contradictory numbers) This is like bashing seat belts cause they can break people's necks on some extreme cases; it doesn't change the fact they help save lives most of the time.
     
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,154
    Location:
    Toronto, Canada
    You're welcome.
    I agree with you, some of it does seem exaggerating. Although I have a feeling that much of what he was talking about was theoretical for the most part, speculating on the possibilities and whatever might be possible in the near future. But either way, it's good to see patches coming out of this and stronger security software in general.
     
  25. hjlbx

    hjlbx Guest

    Security soft vendors do it all the time. If, in their estimation, a vulnerability has a very low probability of being exploited, then they will not fix it. M$ even follows this practice.
     
Loading...