Comodo might come back from the grave

[Pico]

You can ask Comodo support yourself:

support@comodo.com

Bug 20 is only a problem whenever the user enables HIPS Paranoid Mode and creates hundreds of rules. It is in the linked bug report detail, which has been archived. So it is not any kind of real problem.

I don't have to ask support because I already know the answer for more then 10 years. That's what I meant with Comodo doesn't owe anything to their paying home users, they just don't listen nor willing to fix things like this.

Bug 20 already occurs with just several HIPS rules on the list, the number of rules is totally irrelevant it just happens randomly.

What about HIPS Training Mode when HIPS collects/creates rules for apps several days or a week or so and then due to this bug all HIPS rules is lost? No real problem for those who might want to use Training Mode?

Yes it is a real problem, as explained in an earlier post.

 

[ForgottenSeer 98186]

I don't have to ask support because I already know the answer for more then 10 years. That's what I meant with Comodo doesn't owe anything to their paying home users, they just don't listen nor willing to fix things like this.

When a customer pays for CF\CIS they are NOT paying for the software or bug fixes. They are paying for support and the warranty. Have you ever read the terms?

Bug 20 already occurs with just several HIPS rules on the list, the number of rules is totally irrelevant it just happens randomly.

It is random, but it also requires a bunch of rules to be created. A large number of rules in either the firewall or HIPS or in other sections of the policy makes the database unstable.

Rules do not disappear randomly when there are just a few rules.

What about HIPS Training Mode when HIPS collects/creates rules for apps several days or a week or so and then due to this bug all HIPS rules is lost? No real problem for those who might want to use Training Mode?

This is a known issue that Comodo has been aware of and has said they will not fix. The documentation warns about Training Mode, especially when Paranoid Mode is enabled, creating too many rules and causing stability issues.

There is a setting to restore the rules to the defaults as well as the user can export\import the baseline rules. There is a workaround. It is not ideal, but it is not the end of the world. If this sort of issue bothers users, they can go use another vendor's product.

The GUI and rules bugs do not diminish the sandbox protections.

Of course, I am not saying Comodo is bad or anything. But you know when you have a bad experience with a software you just can't go back to same thing again.

This is understandable and makes sense. Some people have a bad experience and never use a product again regardless of the reasons things happened. While, more commonly, they will re-try it at some point in the future. Lots of security software enthusiasts "cycle through" all the available products over time.

It is up to each user to decide what to use and what to do.

 

[Trident]

@Oerlink so you finally provided evidence to support that Comodo offers protection equal to the one of many vendors and superior to some not-so-great.
Good boy!

This is what we’ve been waiting for since yesterday but you were too busy commenting on whether or not people understood the Windows ntdll.dll

This is how you argue and keep it up .

 

[cruelsister]

What about HIPS

The strength of Comodo is Containment (and outbound FW). The HIPS module, although fine, if run without the benefit of Containment can by bypassed even at the most restrictive level, whereas the reverse is not the case.

For me. the issue with HIPS (any HIPS) in general is that at the base level it may be inadequate, and at the most restrictive it is invariably annoying, and often confusing to all but the most adept. Compounding the issue would be the inclusion of rules that yield unintended consequences (also, a HIPS module is barely an inconvenience for a nasty person or talented cat to bypass).

 

[Trident]

For me. the issue with HIPS (any HIPS) in general is that at the base level it may be inadequate, and at the most restrictive it is invariably annoying, and often confusing to all but the most adept. Compounding the issue would be the inclusion of rules that yield unintended consequences (also, a HIPS module is barely an inconvenience for a nasty person or talented cat to bypass).

HIPS requires knowledge of both the threat landscape and OS (it targets a smaller group of people) whilst containment can be deployed on a slightly wider scale, provided that it is designed in a stable, useful and secure way.

This is the reason why HIPS (with its various implementations) did not catch up and vendors that did have it before, opted to replace it with technologies that offer some sort of contextual intelligence.
The more intelligence and variables you put into your protection however, the more doors you open to attacks but you increase the user comfort…

Comfort + protection hardly go together, one must be prioritised.

 

[Pico]

When a customer pays for CF\CIS they are NOT paying for the software or bug fixes.

A valid reason not to purchase a license.

It is random, but it also requires a bunch of rules to be created. A large number of rules in either the firewall or HIPS or in other sections of the policy makes the database unstable.

Rules do not disappear randomly when there are just a few rules.

No, it does not require a bunch of rules to be created. As said the number of rules doesn't matter at all.
No, it has nothing to do with database stability of FW or other sections. CIS just deletes or corrupts the HIPS rules without CIS having enough time to recreate the HIPS rules properly.
Yes, as said the rules DO disappear with just a few rules.

This is a known issue that Comodo has been aware of and has said they will not fix. The documentation warns about Training Mode, especially when Paranoid Mode is enabled, creating too many rules and causing stability issues.

There is a setting to restore the rules to the defaults as well as the user can export\import the baseline rules. There is a workaround. It is not ideal, but it is not the end of the world. If this sort of issue bothers users, they can go use another vendor's product.

Please provide a link to this warning in the documentation, I can't find it.

Yes there is an import function to import the default settings again. When doing so it clears every setting and all rules to their defaults and erases the settings and the rules the user has created, maddness.

 

[ForgottenSeer 98186]

A valid reason not to purchase a license.

People should not assume anything. Everybody should read software EULAs.

"Comodo reserves the right to discontinue any Internet-based update services provided to you or made available to you through the use of the Program. Notwithstanding the foregoing, Comodo shall be under no obligation to provide any updates, enhancements, modifications, revisions, or additions to the software. "

COMODO Personal Firewall™ End-User License Agreement

Learn about Comodo Personal Firewall End-User License Agreement, a legal contract between user, as either an individual or as a business entity and Comodo Security Solutions.

www.comodo.com

You should read other software EULAs. You will be surprised at the terms.

No, it does not require a bunch of rules to be created. As said the number of rules doesn't matter at all.
No, it has nothing to do with database stability of FW or other sections. CIS just deletes or corrupts the HIPS rules without CIS having enough time to recreate the HIPS rules properly.
Yes, as said the rules DO disappear with just a few rules.

The bug is exactly as I described it, and Haibo Zhang who was director of research at Comodo at that time confirmed it. The bug applies to all rule areas of active protections - firewall, HIPS, sandbox. Many rules in one section can have a negative influence on the other sections.

The exact details of the bug are not relevant. What is relevant is that users have options as a workaround.

Please provide a link to this warning in the documentation, I can't find it.

lol, you did not look very hard. The warning is in the documentation for every version of Comodo and it has been there since the 4th version.

 

[Decopi]

With regards to the so called "evidences" presented today by The Chosen One:

Believe it or not, he used reports from 2016, 2017 and in the best case from 2019!
If a security product is considered "superb" by his fanboysgirls... why they need incredible old reports to proof that their beloved software is perfect?
We live in zero-day-attack times... and these guys are using reports from 2016, 2017 and 2019?

If the product is "superb", why we can't find 2023 reports, or at least late 2022 reports?
By reports I mean "s" = plural... SEVERAL REPORTS FROM SEVERAL REVIEWERS!
It's simple! These reviews don't exist because Comodo nowadays is not "superb".
And the lack of 2023 or late 2022 good reviews (plural) is only one of the proof that Comodo today is not reliable.

In fact, when you compare 2022 reviews of top ranked security companies and Comodo... Comodo never appears as "superb".
In 2022 Comodo never ranked first at nothing (compared to top ranked competitors, in all categories or several categories at the same time).

In addition to that, again, if you say that you have a "superb" product... why you only present one company, always the same company, always making same review each year?
As an isonomy principle, if top ranked software are reviewed by several companies, why The Chosen One picks only one reviewer for his beloved software (that he never used)?
The correct method here should be:
a. Take at least two top ranked companies.
b. Take several reviews from 2023 or 2022.
c. Compare Comodo with two top ranked.
Then make your conclusion.
SPOILER: You never are going to see Comodo in 2022 or 2023 ranking on the top.

When The Chosen One uses only one company, same company making same reviews all the years, this has a name: SELECTIVE ARGUMENT.
And that is done when someone doesn't want to show all the other reviews, or someone doesn't want to compare your software with the best competitors.
Simple manipulation of info.

Again, such "superb" product as Comodo, if it's really "superb"... then easily should have tons of good reviews, even in 2023.
In short, zero evidences about Comodo!
Show me several reviews, from several companies, along the past years (including 2023 and late 2022)... and only then we will talk.

Final words:
It caught my attention how happy was @cruelsister with The Chosen One fake evidences.
I love @cruelsister and I like @cruelsister settings. But I don't accept @cruelsister lack of objectivity.
Comodo updated, upgraded, bugs fixed, official compatibility with Win 11, and @cruelsister settings... only that will make Comodo "Superb".
Unfortunately, keeping the religious fanatic mantras always saying that Comodo is "superb", when Comodo has tons of bugs, no updates in +2 years, no upgrades, no compatibility with Win11 etc... this is not useful to anyone. Worse, this destroys @cruelsister reputation.

 

[Trident]

Superb is a very objective statement which implies personal opinion - e.g. small for instance.

Head and Shoulders from P&G is “superb” to me but that doesn’t present any scientific evidence over Octopirox capabilities to fight dandruff.

Any test conducted at any time is not in any way an evidence of “superb” or “superior” protection - it merely provides evidence with one subset of malware and attacks, the product did well. Against plethora of others, it may fall short.

To come up with a conclusion, more tests are needed from more providers - this has been the way other users of this forum have tried to provide “evidence” that one product is better than other.
But Comodo does not participate in tests anymore for a reason.

Finally, apart from detection/protection/disinfection rates, there are various different factors that need to be considered before calling a product “superb”.

The evidence @Oerlink has presented (2-3 tests from ages ago) is no evidence at all, but is better that a bunch of personal opinions, statements and comments.

 

[ForgottenSeer 97327]

@Oerlink, @Decopi, @Pico and @Trident

You know we are all going to be banned for a week when this thread reaches over 210 posts?

read the forum rules

 

[I Walk MY Way]

Comodo back from the grave now Rick Grimes is going to be after it. ​

 

[simmerskool]

Comodo back from the grave now Rick Grimes is going to be after it. ​

"only in theaters"

 

[ForgottenSeer 98186]

We live in zero-day-attack times...

Really? Oh that's just awful, smh.

If the product is "superb", why we can't find 2023 reports?

Simple answer. No AV labs made tests in 2023 and released reports yet.

and these guys are using reports from 2016, 2017 and 2019?

Comodo will always defeat "zero-day-attack times" until the end of time.

 

[Trident]

Comodo will always defeat "zero-day-attack times" until the end of time.

Whatever rocks your boat!
I would rather use AppGuard Solo though.

 

[Digmor Crusher]

I may be going in my grave soon if I have to keep reading this thread.

 

[Oldie1950]

Can someone summarize the content of this thread? I lost the overview!

 

[ForgottenSeer 97327]

People who dislike Comodo post over and over again: Comodo has not been updated in two years, is not officially Windows 11 compatible and has over 40 bugs listed in the Comodo forum of which three are serious (one official reported with CVE of over 7 and two bypasses of the sandbox).

People who are in favor of Comodo post over and over again: Comodo in Cruel Sister's config still has a spotless reputation in protection and has never been bypassed in the wild and post that Comodo works on their PC with Windows 11 and are thrilled by the latest post of Comodo CEO promising an update soon.

And there is one Comodo fan-boy very successful in feeding a few pronounced Comodo critics with facts and fables to make this a never ending thread.

 

[Trident]

An AppGuard (Blue Planet-works, Inc) employee under the alias @Oerlink, with fumbling arms, sarcasm, and a little bit of outdated information keeps swirling us into an argument - every time I decide we are done, he is back here. He likes a beef and can be very persistent (I’ve searched him, it wasn’t hard).

 

[ErzCrz]

I may be going in my grave soon if I have to keep reading this thread.

I'm with you on that one!

 

[Oldie1950]

@Max90 and @Trident: Thanks for the summaries!