Comodo might come back from the grave

Status
Not open for further replies.
Pico said:
I don't have to ask support because I already know the answer for more then 10 years. That's what I meant with Comodo doesn't owe anything to their paying home users, they just don't listen nor willing to fix things like this.
Click to expand...
When a customer pays for CF\CIS they are NOT paying for the software or bug fixes. They are paying for support and the warranty. Have you ever read the terms?

Pico said:
Bug 20 already occurs with just several HIPS rules on the list, the number of rules is totally irrelevant it just happens randomly.
Click to expand...
It is random, but it also requires a bunch of rules to be created. A large number of rules in either the firewall or HIPS or in other sections of the policy makes the database unstable.

Rules do not disappear randomly when there are just a few rules.

Pico said:
What about HIPS Training Mode when HIPS collects/creates rules for apps several days or a week or so and then due to this bug all HIPS rules is lost? No real problem for those who might want to use Training Mode?
Click to expand...
This is a known issue that Comodo has been aware of and has said they will not fix. The documentation warns about Training Mode, especially when Paranoid Mode is enabled, creating too many rules and causing stability issues.

There is a setting to restore the rules to the defaults as well as the user can export\import the baseline rules. There is a workaround. It is not ideal, but it is not the end of the world. If this sort of issue bothers users, they can go use another vendor's product.

The GUI and rules bugs do not diminish the sandbox protections.

brambedkar59 said:
Of course, I am not saying Comodo is bad or anything. But you know when you have a bad experience with a software you just can't go back to same thing again.
Click to expand...
This is understandable and makes sense. Some people have a bad experience and never use a product again regardless of the reasons things happened. While, more commonly, they will re-try it at some point in the future. Lots of security software enthusiasts "cycle through" all the available products over time.

It is up to each user to decide what to use and what to do.
 
  • Like
Reactions: kylprq and brambedkar59
@Oerlink so you finally provided evidence to support that Comodo offers protection equal to the one of many vendors and superior to some not-so-great.
Good boy!

This is what we’ve been waiting for since yesterday but you were too busy commenting on whether or not people understood the Windows ntdll.dll

This is how you argue and keep it up 👍🏻 .
 
Last edited:
Pico said:
What about HIPS
Click to expand...
The strength of Comodo is Containment (and outbound FW). The HIPS module, although fine, if run without the benefit of Containment can by bypassed even at the most restrictive level, whereas the reverse is not the case.

For me. the issue with HIPS (any HIPS) in general is that at the base level it may be inadequate, and at the most restrictive it is invariably annoying, and often confusing to all but the most adept. Compounding the issue would be the inclusion of rules that yield unintended consequences (also, a HIPS module is barely an inconvenience for a nasty person or talented cat to bypass).
 
  • Applause
  • Like
  • +Reputation
Reactions: kylprq, likeastar20, simmerskool and 2 others
cruelsister said:
For me. the issue with HIPS (any HIPS) in general is that at the base level it may be inadequate, and at the most restrictive it is invariably annoying, and often confusing to all but the most adept. Compounding the issue would be the inclusion of rules that yield unintended consequences (also, a HIPS module is barely an inconvenience for a nasty person or talented cat to bypass).
Click to expand...
HIPS requires knowledge of both the threat landscape and OS (it targets a smaller group of people) whilst containment can be deployed on a slightly wider scale, provided that it is designed in a stable, useful and secure way.

This is the reason why HIPS (with its various implementations) did not catch up and vendors that did have it before, opted to replace it with technologies that offer some sort of contextual intelligence.
The more intelligence and variables you put into your protection however, the more doors you open to attacks but you increase the user comfort…

Comfort + protection hardly go together, one must be prioritised.
 
Last edited:
  • Like
Reactions: oldschool
Oerlink said:
When a customer pays for CF\CIS they are NOT paying for the software or bug fixes.
Click to expand...
A valid reason not to purchase a license.

Oerlink said:
It is random, but it also requires a bunch of rules to be created. A large number of rules in either the firewall or HIPS or in other sections of the policy makes the database unstable.

Rules do not disappear randomly when there are just a few rules.
Click to expand...
No, it does not require a bunch of rules to be created. As said the number of rules doesn't matter at all.
No, it has nothing to do with database stability of FW or other sections. CIS just deletes or corrupts the HIPS rules without CIS having enough time to recreate the HIPS rules properly.
Yes, as said the rules DO disappear with just a few rules.

Oerlink said:
This is a known issue that Comodo has been aware of and has said they will not fix. The documentation warns about Training Mode, especially when Paranoid Mode is enabled, creating too many rules and causing stability issues.

There is a setting to restore the rules to the defaults as well as the user can export\import the baseline rules. There is a workaround. It is not ideal, but it is not the end of the world. If this sort of issue bothers users, they can go use another vendor's product.
Click to expand...
Please provide a link to this warning in the documentation, I can't find it.

Yes there is an import function to import the default settings again. When doing so it clears every setting and all rules to their defaults and erases the settings and the rules the user has created, maddness.
 
  • Like
Reactions: ForgottenSeer 67091 and Trident
Pico said:
A valid reason not to purchase a license.
Click to expand...
People should not assume anything. Everybody should read software EULAs.

"Comodo reserves the right to discontinue any Internet-based update services provided to you or made available to you through the use of the Program. Notwithstanding the foregoing, Comodo shall be under no obligation to provide any updates, enhancements, modifications, revisions, or additions to the software. "

COMODO Personal Firewall™ End-User License Agreement

Learn about Comodo Personal Firewall End-User License Agreement, a legal contract between user, as either an individual or as a business entity and Comodo Security Solutions.
www.comodo.com www.comodo.com

You should read other software EULAs. You will be surprised at the terms.

Pico said:
No, it does not require a bunch of rules to be created. As said the number of rules doesn't matter at all.
No, it has nothing to do with database stability of FW or other sections. CIS just deletes or corrupts the HIPS rules without CIS having enough time to recreate the HIPS rules properly.
Yes, as said the rules DO disappear with just a few rules.
Click to expand...
The bug is exactly as I described it, and Haibo Zhang who was director of research at Comodo at that time confirmed it. The bug applies to all rule areas of active protections - firewall, HIPS, sandbox. Many rules in one section can have a negative influence on the other sections.

The exact details of the bug are not relevant. What is relevant is that users have options as a workaround.

Pico said:
Please provide a link to this warning in the documentation, I can't find it.
Click to expand...
lol, you did not look very hard. The warning is in the documentation for every version of Comodo and it has been there since the 4th version.

Untitled.png
 
Superb is a very objective statement which implies personal opinion - e.g. small for instance.

Head and Shoulders from P&G is “superb” to me but that doesn’t present any scientific evidence over Octopirox capabilities to fight dandruff.

Any test conducted at any time is not in any way an evidence of “superb” or “superior” protection - it merely provides evidence with one subset of malware and attacks, the product did well. Against plethora of others, it may fall short.

To come up with a conclusion, more tests are needed from more providers - this has been the way other users of this forum have tried to provide “evidence” that one product is better than other.
But Comodo does not participate in tests anymore for a reason.

Finally, apart from detection/protection/disinfection rates, there are various different factors that need to be considered before calling a product “superb”.

The evidence @Oerlink has presented (2-3 tests from ages ago) is no evidence at all, but is better that a bunch of personal opinions, statements and comments.
 
Last edited:
  • Like
Reactions: ForgottenSeer 67091
People who dislike Comodo post over and over again: Comodo has not been updated in two years, is not officially Windows 11 compatible and has over 40 bugs listed in the Comodo forum of which three are serious (one official reported with CVE of over 7 and two bypasses of the sandbox).

People who are in favor of Comodo post over and over again: Comodo in Cruel Sister's config still has a spotless reputation in protection and has never been bypassed in the wild and post that Comodo works on their PC with Windows 11 and are thrilled by the latest post of Comodo CEO promising an update soon.

And there is one Comodo fan-boy very successful in feeding a few pronounced Comodo critics with facts and fables to make this a never ending thread.
 
Last edited by a moderator:
  • Like
  • Applause
  • +Reputation
Reactions: goodjohnjr, brambedkar59, simmerskool and 4 others
An AppGuard (Blue Planet-works, Inc) employee under the alias @Oerlink, with fumbling arms, sarcasm, and a little bit of outdated information keeps swirling us into an argument - every time I decide we are done, he is back here. He likes a beef and can be very persistent (I’ve searched him, it wasn’t hard).
 
  • Like
Reactions: ForgottenSeer 94738 and ForgottenSeer 67091
Oerlink said:
The bug is exactly as I described it, and Haibo Zhang who was director of research at Comodo at that time confirmed it. The bug applies to all rule areas of active protections - firewall, HIPS, sandbox. Many rules in one section can have a negative influence on the other sections.
Click to expand...
I've experienced the bug as I've described it. My own observation on my own system with CIS version 12. I had just a few HIPS rules on the list and the whole HIPS rules list got erased after a while. It happened over and over again not only once even after a new fresh installs..

Oerlink said:
lol, you did not look very hard. The warning is in the documentation for every version of Comodo and it has been there since the 4th version.
Click to expand...
I may be blind but were is that warning saying: 'causing stability issues'? I only see it 'may lead to endpoint performance issues' which is something totally different meaning it could degrade responsiveness of the system and no word about deleting or corrupting rules or any database.
As I said I can't find that 'causing stability issues' phrase of yours in any CIS user guide.
Please point to that phrase in this official CIS V12 user documentation here : Comodo_Internet_Security_ver.12.0_User_Guide
Thank you.
 
  • Like
Reactions: Trident, ForgottenSeer 94738 and ForgottenSeer 67091
Status
Not open for further replies.

You may also like...