Comodo Firewall Privacy Intrusion !?

Discussion in 'other firewalls' started by hiro, Aug 5, 2007.

Thread Status:
Not open for further replies.
  1. hiro

    hiro Registered Member

    Joined:
    Jul 12, 2005
    Posts:
    77
    The Comodo firewall by the installation and registration creates a unique tracking number, Unique Identifier. This number and other information is transmitted, without asking, to Comodo servers.
    A Unique Identifier is a piece of data that unequivocally identifies something, and tracking the firewall user. Unique Identifier used in sending data to a particular person or object. For example, an "IP address", "Mail address" or "MAC address", but is not limited to!

    These functions to be unacceptable violations of consumer privacy.
    Comodo may have breached both civil and criminal laws. In an age of Internet-enabled appliances it is vital to privacy that consumers understand and control the information reported about their behavior.

    The reporting functions are especially objectionable because they were actively kept secret. Nothing in the software EULA and Privacy Policy http://www.comodo.com/repository/privacy_agreement.html mentioned the existence of a Unique Identifier.
    Transmissions of data were actually hiden, which suggests an intention to conceal a wrongdoing. This surreptitious transfer of information without the consumer's knowledge or consent is a kind of "Trojan Horse" attack that should constitute "exceeding authorized access" under the Computer Fraud and Abuse.

    Take notice that the Act also includes a private right of action, which could form the basis of individual and class action lawsuits. Why Comodo should not be considered to have broken this law.

    To consumers recommending they discontinue using and to uninstall all Comodo products, at least until these demands are met.
    Finally, I urge Comodo to be open and honest in your response to this situation.Fully disclose and publish details of the information that the Comodo software reports and collects, and what is done with this information.

    Have fun....
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi hiro,

    From my last installations of Comodo (on clean windows W2K/XP) There was no need to register, this was an option I disabled. Personally, I am more interested with the HTTPS comms made when connecting at their forums.
     
  3. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Do you mean that Comodo tracks what the user does on the net? Comodo knows all the sites I´ve visited? and they are storing that for the future? What do they do with all the data they collect? What data is it btw? Have you or anyone else used a sniffer to see what Comodo sends out? Is it encrypted?
     
  4. hiro

    hiro Registered Member

    Joined:
    Jul 12, 2005
    Posts:
    77
    @ Stem
    If you register or not, Unique Identifier (UI) is created, and comodo send it by update or by "send suspicious file to comodo" function.

    @ sukarof
    answer on all is YES.
     
  5. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    My installations of Comodo (as with any firewall/security app) are made with all update functions disabled (no internet connections are allowed untill these settings are made). I have not seen any attempt by Comodo to connect to any site. I can certainly look at this again, but with the ability of the user to block all comodo processes within the firewall (and I have not seen these rules bypassed), and the fact I have not seen attempted bypassing of this(injection to browser etc), I seriously believe any comms made would need to be allowed by the user. Now if these comms are allowed, as to what info in sent I do not know at this time.
     
  6. hiro

    hiro Registered Member

    Joined:
    Jul 12, 2005
    Posts:
    77
    @ Stem
    Then you will learn more, as Unique Identifier works.
     
  7. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I know this, but a firewall needs to bypass user rules to give me concern. Data collection is made whenever you connect to the internet, be it from your ISP or search engine etc etc. (your ISP will log you for 6 months)

    EDIT:
    please note:- For me, only bypass (or attempt via other methods) of user rules is a concern to me in this thread
     
    Last edited: Aug 5, 2007
  8. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Mighty big claims you have there, care to show us some evidence? I am a pretty paranoid person, but I would like to see at least some meat on the bone before I jump to conclusions.
    If you have the proof then show us, otherwise it will just be a unfounded conspiracy theory.
    When Mark Russinovich found the rootkit in sony music cd´s he didnt just say this and that, he produced evidence that anyone could validate, even noobs like me.
     
  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    On all firewalls I do this (on external gateway). As I mentioned in my earlier post, the only question I have is in regards to the HTTPS traffic when connecting to the Comodo forums.
     
  10. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Maybe a stupid question but couldnt it be the Comodo certificate at the right lower corner of the screen?
     
  11. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    LOL. Just noticed that was there. Definitely is.
     
  12. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    I've had some hesitation to totally trust comodo from the get go. I remember a (security?) toolbar they used to provide, it was classified as spyware by some anti-spyware softwares. I think the final verdict was that it was not spyware though? Anyway that and the nature of their business led me to be a bit wary.
     
  13. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I would need to know why the amount of data transfer, and why the HTTPS connection is first made to Google (72.14.215.97).
     
  14. Bls440

    Bls440 Registered Member

    Joined:
    Jun 22, 2007
    Posts:
    82
    really disappointing :(
    We use firewalls to protect against identity theft and here Comodo, which is considered nowadays as the best solution available, steals our surfing habits ...
     
  15. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: This privacy intrusion thing only in firewall or has been spread into other Commodo products such as BoClean and AV ?
     
  16. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Have you asked this in the Comodo forum? I realize they have a bunch of flag waivers over there but sometimes there are some answers from admins.
     
  17. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    I wouldn't jump to the conclusion that it "steals our surfing habits..."

    But apparently it is doing some communication that it probably shouldn't be?
     
  18. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    Hmmm, is there any business connection between google and comodo?
     
  19. hiro

    hiro Registered Member

    Joined:
    Jul 12, 2005
    Posts:
    77
    I don't know for CAV and CBOC, but read this Comodo BOClean EULA:
    Again violations of consumer privacy. Again nothing in the software EULA and Privacy Statement mentioned HOW!

    Strange how nobody have question?
    How Comodo product gater and transmit all this data, if Comodo product by installation not create condition to do this?
    How Comodo can control "proper use of the Program" if not constantly monitor your PC?
    How transfer of information without the consumer's knowledge?
    What do you think of it?

    Have fun...... with Comodo product.
     
  20. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
  21. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Ok, so all you have as evidence is your view on the eula, no data about comodo gathering information as surfing habits and all the other info you think they harvest. I bet you have not confirmed your suspicion by actually monitor what comodo does*.
    Nothing but product bashing until you produce something to chew on. All we have is your word against Comodo´s that say that they dont gather anything else than how many have the software. I have no reason to doubt them, but will do so the second someone cares to produce some evidence. I have my tin foil hat in my closet until then.

    *If you read at the comodo forum they give qite detailed info on how you can check what comodo does.
     
    Last edited: Aug 7, 2007
  22. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    I guess this is an impossible task for any current user of Comodo firewall since data may travel on encrypted channels as already mentioned by Stem...

    Fax
     
  23. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Stem might correct me on this if I misunderstood, but the HTTPS traffic only happens on Comodo site and having comodo firewall installed (or not) hasnt anything to do with that traffic. I think I will step out of this thread until there is more substantial to go on.

    I am sorry that I accused you ,hiro, for bashing. It was unnessesary. There is so much of that against companies that stands out so I am just a bit tired of it.
     
  24. hiro

    hiro Registered Member

    Joined:
    Jul 12, 2005
    Posts:
    77
    Sorry, but I think that many user are not expected to understand this. And any discussion in this direction become circumvention how I see.
    This is your and more other Comodo firewall user problem, but if you read carefully maybe some doubt arrive in a low voice. Compare this two thinks:
    If you use comodo firewall and you run "firewall update" this put in your "Registry" this: UNICODE "FEATURE_COOKIE_KB932044". What is "FEATURE_COOKIE_KB932044" you can read:
    http://support.microsoft.com/default.aspx/kb/932044

    - question: Why and because comodo forward your OS update if not use cookies?
     
  25. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    In any event, I would personally hope that users habits or whatever information is sent out, is sent in encrypted form so to at least ensure that the data is only readable to the software owner/developer and nobody else.

    Fax
     
Loading...
Thread Status:
Not open for further replies.