VPN4ALL VPN good/bad?

Im with VPN4ALL but a few things concern me, their installer/client app you use to connect to their service comes up as untrusted on Comodo firewall everytime and says it's not digitally signed what ever that means. Is this bad? Could it be a backdoor/Trojan? I also get random connect messages to servers from the client that Comodo picks up even when I'm not connected.

Anyone else have experience with VPN4ALL?

 

http://postimage.org/image/72dx5j8jf/

Can anyone explain why it's trying Modify a root certificut? Or even why it's trying to access the DNS/RPC clients?

 

It is normal that the software has not been digitally signed, it isn't necessarily bad if you downloaded the program using the official site, I have seen this warning installing other VPN clients too, it simply costs money, a lot, to pay Microsoft so that they can validate a developer's digital signature and stop that Windows security warning, small companies can't afford that. Microsoft can claim they do it for security but given the prices they charge sounds more like blackmail to me, you never get that in Linux.

The problem with the firewall I would think it just means that you need to whitelist VPN4All client sofware. I have been using VPN4All for months and my antivirus has never flagged anything, I don't think they are less or more trustable than any other VPN service. I won't comment on the service as you are already using it and can see for yourself, it seems that your main concern is with their VPN client, submit it to an online antivirus scanner for a second opinion.

 

Can some one tell me why would a VPN client software try to open up the RPC aka Remote Procedure Call? In my understanding it shouldn't do that, but Comodo flags it..

 

It sounds perfectly normal to me.

Your client it is communicating with a VPN server to get the settings, like knowing what servers are online/offline, you will find that other VPN clients do that too. It is also normal that Comodo flags it, this is a remote connection, you will have to whitelist it.

http://en.wikipedia.org/wiki/Remote_procedure_call

"An RPC is initiated by the client, which sends a request message to a known remote server to execute a specified procedure with supplied parameters."

 

I submitted it for whitelisting here. Hopefully it will be whitelisted soon. They're usually pretty fast about it nowadays.

 

When I suggested whitelisting it, I meant to say to manually add a rule in your firewall.

I am not sure Comodo can agree to whitelist an application that is remotely connecting to another server on the Internet, the logical thing to do would be to warn the user that this is happening and then he can decide if he would likes the warning to appear all the time or mark it as ignore future warnings.