Comodo CIS Bug fix policy

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
I don't think I've ever said Comodo is superior to other software. I have said that in the years I've used it, it has never failed. And that is the truth.
You didn’t but others did. Yes, you personally, I’ve not seen you posting that. I got very good memory and I am able to track posts across threads.
 
  • Like
Reactions: Decopi

Decopi

Level 8
Verified
Oct 29, 2017
361
At MT it is possible to find (recently, below link) video of bypassed Comodo. But also at MT, years ago, it is possible to find videos and negative reviews about Comodo.

And on the web there are dozens of videos showing Comodo failures, or negative reviews from known experts (who are not anonymous, and follow universal technical protocols).

In addition to the negative videos and reviews, for years Comodo has not allowed its software to be tested by the big labs.

Most of the lies about the "unbeatable Comodo" were created here at MT, a myth based on few fanatics, who tautologically, in a social bubble convince themselves, one repeating to the other the same old mantras.

Serious Discussion - Comodo And Kaspersky bypassed in 2024 in two different files (Educational purposes only)
 

Shadowra

Level 37
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,630
Another pointless debate on Comodo, with an invasion of fanboys defending this software body and soul...
The reason I refused to take part in this topic is that every time Comodo is mentioned, it's always the war about “Comodo is the best that even protects from my boss” , “No Comodo is so lame that it set fire to my car” , “Yes but Comodo is Next-gen LOL you don't know” etc etc etc....

Not for nothing when I test Comodo, I've got a ball in my stomach :D
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Another pointless debate on Comodo, with an invasion of fanboys defending this software body and soul...
The reason I refused to take part in this topic is that every time Comodo is mentioned, it's always the war about “Comodo is the best that even protects from my boss” , “No Comodo is so lame that it set fire to my car” , “Yes but Comodo is Next-gen LOL you don't know” etc etc etc....

Not for nothing when I test Comodo, I've got a ball in my stomach :D
And this is exactly the reason why I never mentioned you or referred to your videos. 😉
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Most of the lies about the "unbeatable Comodo" were created here at MT, a myth based on few fanatics, who tautologically, in a social bubble convince themselves, one repeating to the other the same old mantras.
But don’t forget also the way proof is selectively presented. The AV-Lab test easily invalidates all claims that Comodo performs better than others.

In psychology, this is called choice-supportive bias. It is a very common phenomenon, specifically when people go for niche products. Then they see facts “selectively” in an attempt to convince themselves that the niche brand is better than what big corporations offer. More often than not, they don’t realise that they’ve got this bias.

Example: people may try to convince themselves that Dacia is better than BMW or that cleaning detergent from a local brand is better than what P&G offers, or that trainers from DunaDuna are better than Nike.

But the reality is, neither Dacia is all that good, nor that local brand will beat the science behind P&G products. DunaDuna trainers are gonna last you for 2 weeks (3 if you spray them with a protector).
At one point, people open their eyes.

Another example: everyone goes and buys the new Dior Savage Elixir. Consumer decides that they can’t be mainstream, they can’t be part of the “bandwagon effect”, they must have their own personality and choice. They go around and buy all sorts of perfumes, none of them matching the fragrance and performance of Dior Savage Elixir. They are happy, simply because they are not following “everyone else”, but when you look at the products, ignoring the personal factor, you will realise why Dior is part of the multi-billion LVMH and generates generous revenues, and these niche brands barely generate 1/20th of that revenue. They are simply, not that good.
 
Last edited:
  • Love
  • Applause
Reactions: Sorrento and Decopi

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
591
You didn’t but others did. Yes, you personally, I’ve not seen you posting that. I got very good memory and I am able to track posts across threads.
As one of those Comodo users, I appreciate the fact that you and I can discuss, argue, rant or rave in a respectful manner. The discussions may get heated, and there may be misunderstandings here and there, Trident, but even though disagreeing with your stance and saying so, I respect your positions.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
As one of those Comodo users, I appreciate the fact that you and I can discuss, argue, rant or rave in a respectful manner. The discussions may get heated, and there may be misunderstandings here and there, Trident, but even though disagreeing with your stance and saying so, I respect your positions.
The fact that we argue doesn’t mean anything, maybe on another discussion we will agree on something.
 

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
591
And if I understand correctly, Comodo is used with Cs settings, right?
I think, but somebody can correct me, the 'new' version of Comodo firewall uses settings very similar to Cruelsister. I read it somewhere, maybe here maybe on their forum. I used it for years virtually at default settings. I didn't know what proactive was. Regardless, I never had any problems with malware of any kind.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
And another thing I fail to understand is that most people who use CF, use it without the antivirus module. Why? Bc everyone knows that this module sucks. Now let's suppose we run a piece of malware (or Gob forbid a malware pack) against Comodo. If we use CF on its own, we need to run each sample and BTW if we redo the test Comodo will not detect the sample ore execution. Why would I choose this product when other product use decent cloud protection and top notch signatures?

As a user, I definitely would not prefer for a piece of malaware to run. Ore execution detection is best. Comodo unfortunately stopped innovation and their antivirus engine sucks. And I also do not get it why anyone would ever prefer to be bombarded with prompts to block a piece of malware that other security solution would take a fraction of a sec to detect?
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I think, but somebody can correct me, the 'new' version of Comodo firewall uses settings very similar to Cruelsister. I read it somewhere, maybe here maybe on their forum. I used it for years virtually at default settings. I didn't know what proactive was. Regardless, I never had any problems with malware of any kind.
Maybe Bc u did not download shady stuff? This is the very same argument that Webroot fanboys use. "I have been using Webroot for x years and I have never got infected".

I admire CS and her work. I find her work to be interesting and enjoyable. I am not an expert, just a casual user. But why would I ever choose Comodo which certainly demands a learning curve when I can use BD which does requires zero interactions from me?
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
yes, agree re @Shadowra's video, but some hyperbolic posts, while textually accurate are perhaps out of context to some degree. I read it as performing the same, ie, 100% in that lab test.
But additional pointers in the test, still proved that others are first, blocking a lot more malware very easily, in the pre-execution phase and second, if they allow anything to execute, react quicker. So even this test cannot serve to prove Comodo superiority, it simply proves that on a scope of 350 samples, Comodo offered acceptable protection.

But others had the capability to offer the same protection in a much more efficient manner.

I am talking about the AV-Lab.pl test, many other tests, Comodo has dropped, usually with a lot of drama around this event.
I think, but somebody can correct me, the 'new' version of Comodo firewall uses settings very similar to Cruelsister. I read it somewhere, maybe here maybe on their forum. I used it for years virtually at default settings. I didn't know what proactive was. Regardless, I never had any problems with malware of any kind.
Xcitium uses similar settings to CS Comodo.
Be honest, you say you never had problems with malware, we accept that. But in reality, how many potential incidents were stopped by Comodo, how many times it contained something and this turned out to be malicious. Does the number exceed 5?
As a user, I definitely would not prefer for a piece of malaware to run. Ore execution detection is best
It is, this is what I’ve been debating. Allowing malware to run is absurd! Every “specialist” will tell you that, nobody will ever advise you to execute malware, even in local sandboxes. If you show a video where malware is allowed to run sandboxed and then a firewall prompt blocks the connection, 4/5 will be laughing at you, the fifth one will probably go away.
And I also do not get it why anyone would ever prefer to be bombarded with prompts to block a piece of malware that other security solution would take a fraction of a sec to detect?
Well this is the choice-supportive bias I explained in a previous post. People get satisfaction from not following the masses, not installing what everyone else installs.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
But additional pointers in the test, still proved that others are first, blocking a lot more malware very easily, in the pre-execution phase and second, if they allow anything to execute, react quicker. So even this test cannot serve to prove Comodo superiority, it simply proves that on a scope of 350 samples, Comodo offered acceptable protection.

But others had the capability to offer the same protection in a much more efficient manner.

I am talking about the AV-Lab.pl test, many other tests, Comodo has dropped, usually with a lot of drama around this event.
And regarding the user-dependent prompts. Now what if a gamer downloaded a crack for their favourite game, and they were presented with a prompt? I believe the user is not capable of making that decision and if they do choose to allow execution? We can blame the user?
Other vendors who spent millions on R&D and developed a user-friendly product that uses multiple layers of protection provide decent protection requiring zero to minimal interactiona from the end user.

If one wants to use Comodo for fun or experiment with it then I get it, but it should never be recommended to users.
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
There is a problem with everything based on alerts, prompts, informational banners and so on, and it is called alert fatigue.

It is a genuine problem in various systems, such as email security platforms, operating systems (the infous UAC), it was the problem of HIPS and it is a problem everywhere the concept of asking or warning the user is applied.

Alerts and prompts are meaningful only when displayed once in a while, at the right time.

When on every file downloaded from the internet or, on every email you display alerts and banners, they simply don’t mean anything to the user anymore.

Systems are required to take decisions and actions. And this requires substantial investments, but delivers the solution that is necessary today.

Alerts and prompts in 2024 are not the security that users and businesses are looking for.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
There is a problem with everything based on alerts, prompts, informational banners and so on, and it is called alert fatigue.

It is a genuine problem in various systems, such as email security platforms, operating systems (the infous UAC), it was the problem of HIPS and it is a problem everywhere the concept of asking or warning the user is applied.

Alerts and prompts are meaningful only when displayed once in a while, at the right time.

When on every file downloaded from the internet or, on every email you display alerts and banners, they simply don’t mean anything to the user anymore.

Systems are required to take decisions and actions. And this requires substantial investments, but delivers the solution that is necessary today.

Alerts and prompts in 2024 are not the security that users and businesses are looking for.
I agree. I configured Emsisoft BB to alert in the case of suspicious behaviour and I could not live with it for an hour. I was trying to Install Wondershare PDFelement which had a problem with it digital signature and Emsisoft BB bombarded me with endless alerts.

Never had this problem with smarter products such as BD and Avast/AVG.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
And I have to shed some light on another point here. Generally speaking a product which interacts with the user a lot and generates multiple prompts usually create a wrong sense of protection. "if it shows many alerts then it is good and it is doing its job".
 

Behold Eck

Level 18
Verified
Top Poster
Well-known
Jun 22, 2014
878
And another thing I fail to understand is that most people who use CF, use it without the antivirus module. Why? Bc everyone knows that this module sucks. Now let's suppose we run a piece of malware (or Gob forbid a malware pack) against Comodo. If we use CF on its own, we need to run each sample and BTW if we redo the test Comodo will not detect the sample ore execution. Why would I choose this product when other product use decent cloud protection and top notch signatures?

As a user, I definitely would not prefer for a piece of malaware to run. Ore execution detection is best. Comodo unfortunately stopped innovation and their antivirus engine sucks. And I also do not get it why anyone would ever prefer to be bombarded with prompts to block a piece of malware that other security solution would take a fraction of a sec to detect?
This will run, if you let it. WTF! Block it it!

Can`t wait untill 200 posts

Regards Eck:)
 
Last edited:

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
I agree. I configured Emsisoft BB to alert in the case of suspicious behaviour and I could not live with it for an hour
Well, similar experience with Eset HIPS, it is an alert parade. It has been added (or rather hasn’t been removed) to “register presence”, look at us, we’ve got HIPS. But on a production system, it is completely useless. You end up with 2 postures: learning (where everything will generally be allowed, including malware activity) and user-dependant, where the user will be prompted. All these prompts will not add any protection, they will simply add annoyance.
And I have to shed some light on another point here. Generally speaking a product which interacts with the user a lot and generates multiple prompts usually create a wrong sense of protection. "if it shows many alerts then it is good and it is doing its job".
Obviously. Poor threat intelligence, poor ability to take decisions, so what’s the next best thing? Asking the user of course. The other option is to
A) block everything (annoy users, they will uninstall the product)
B) allow everything (which… can be achieved without the product too).
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top