Comodo might come back from the grave

[Trident]

The product not being updated for 2 years means that it contains a collection of outdated drivers and scanning for malware, emulating (if Comodo uses emulation) as well as running malware in an outdated sandbox MAY (bear in mind I am not saying it WILL but exploring a possibility here) provide malware with more access it could normally have, simply being missed by a regular (if that’s a thing) antivirus. Once a malware is able to obtain kernel access, it could bypass a whole stack of defences.

You know your post history is public, right? You stated the product was unsafe "because of bugs and no updates in 2 years."

You really like to talk and have your voice heard, but you should learn to read carefully what people are saying. Above is a quote from a post that is now suffocated under the multitude of posts you generated one way or another, or caused. I urge you to read carefully what I’ve said there.

How embarrassing for you. Comodo containment runs in User Mode.

I am extremely ashamed!
I haven’t commented on any single component, be it antivirus, Defense + or Firewall.
I hope you are not trying to claim that Comodo runs entirely in user mode and that virtualisation, even if running contained code in user mode (which would be the most sensible way to run it) can work entirely in user mode, with no kernel access/drivers whatsoever.
Or that abuse/weaponisation of antivirus drivers (such as Trend Micro’s outdated Ransomware Buster driver) is not really a thing.
It’s just something I made up.

But don’t trust me, let’s here what official guidance has to say.

Obsolete products

Reducing the risks from using out of date smartphones, tablets, laptops, desktop PCs, appliances or software applications

www.ncsc.gov.uk

Why manage risk from obsolete products?​

Using obsolete products compounds two related problems:

1. 1
   

   The product will no longer receive security updates​

   If developers are no longer providing security updates, this increases the likelihood that exploitable vulnerabilities will become known by attackers.
2. 2
   

   The latest security mitigations are not present​

   Older products may lack the latest security measures, increasing the impact of vulnerabilities, making exploitation more likely to succeed, and detection of any exploitation more difficult.

In combination, these issues make high-impact security incidents more likely. This will include malware exploiting remotely-accessible vulnerabilities, which can have a catastrophic impact, across an entire organisation.
When a product is no longer supported by its developer, there are limits on the measures that will be effective in protecting against new threats. Over time, new vulnerabilities will be discovered that can be exploited by relatively low-skilled attackers.

This is from the UK’s National Cyber Security Centre, but I mean if you say running outdated software is fine… we should.

 

[ForgottenSeer 98186]

The product not being updated for 2 years means that it contains a collection of outdated drivers

Not correct at all. Drivers do not need routine updates. You might as well call Kaspersky, Bitdefender and a bunch of other security software insecure because they have not updated their drivers in years.

emulating (if Comodo uses emulation) as well as running malware in an outdated sandbox MAY (bear in mind I am not saying it WILL but exploring a possibility here) provide malware with more access it could normally have, simply being missed by a regular (if that’s a thing) antivirus.

The containment is not outdated. Nobody has demonstrated that it is unsafe. The technology itself is not obsolete nor does it need an update because Windows 11 was released.

The entirety of your post is not a fact-based analysis. The main element of everything you state is speculation and conjecture.

Now had you provided a demonstration that Comodo was unsafe, then you would have earned a lot of respect, but instead all you've done on this thread is spread FUD through nonsense and spurious arguments. For example, you claim a freeware product cannot protect better than a paid, but Comodo has been proven in lab tests for over a decade to protect better than most all of the paid security software available.

Nobody has to prove anything about Comodo to you. You are free to download it and test it fully for yourself. That way you know for sure that it does or does not do what it claims to do. Plus you can be assured that an AV test lab has not done biased testing. Since you talk like you know so much about assessing security and knowing all the security holes, then that task should be no problem for you.

You're not even a Windows user. You're a Mac user. So why does it even matter to you what Comodo does or does not do? Why do you care if there are Comodo fanboys & fangirls? What is wrong with that? Nobody is promoting Comodo products here in a way that is dangerous or misleading. In fact, any testing demonstrated here proves overwhelmingly that Comodo provides exceptional protection.

 

[Trident]

Not correct at all. Drivers do not need routine updates. You might as well call Kaspersky, Bitdefender and a bunch of other security software insecure because they have not updated their drivers in years.

All Norton drivers for example on Windows have been updated on the 14/10/22.
Drivers responsible for AV scanning and emulation as well as disinfection have been updated yesterday last.

I am a Windows and Chrome OS user as well.
I don’t wanna go through the hassle of installing the other products you mentioned now and inspect them…

 

[ForgottenSeer 98186]

All Norton drivers for example on Windows have been updated on the 14/10/22.
Drivers responsible for AV scanning and emulation as well as disinfection have been updated yesterday last.

Isn't that wonderful for you?

It has nothing to do with Comodo.

 

[Trident]

Isn't that wonderful for you?

It has nothing to do with Comodo.

But you claimed that others have not updated their drivers for years. I have just opened a Windows laptop, browsed through the Norton folder and I see all code has been modified months, some just a day ago.
Including drivers.
It has nothing to do with Comodo, it is related to your claim.

Btw when did you last update AppGuard?

 

[Zero Knowledge]

Get a room you two Your going around in circles, so just agree to disagree

 

[goodjohnjr]

Get a room you two Your going around in circles, so just agree to disagree

Sylvester Stallone Fight GIF By Rocky:



Welcome to Comodo Fight Club.

Fight Club GIF:

 

[Decopi]

@Trident and @Ink you are absolutely right!

I only know if the software hasn't been updated in 2 years, then it should be a red flag.

it is considered a standard practice within the whole IT industry out-of-date software to be avoided. It’s not just Comodo or Software A,B and C, it’s every package that hasn’t been updated. The same is even more true when we talk about security, as it’s an always-running app with kernel access - security holes are a recipe for disaster.

Obsolete products

Reducing the risks from using out of date smartphones, tablets, laptops, desktop PCs, appliances or software applications

www.ncsc.gov.uk

This is from the UK’s National Cyber Security Centre

It's not a matter of freedom of speech.
It is a matter of RESPONSIBILITY with others or third parties.

As long as someone decides to use a +2 years not updated, deeply bugged, not OS compatible etc security software... this is totally fine... even in totalitarian countries people are free of eating their own feces.
But, at the moment that this same someone, who likes to eat his own excrement, he starts to make a public apology to everyone encouraging and motivating everyone to eat poop... that is IRRESPONSIBLE towards others or third parties.
As much as a person says that his feces are safe and delicious... eating any kind of excrement is not good for health.
PS: My eschatological vocabulary is simply a consequence that reflects the low level of this thread.

 

[ForgottenSeer 98186]

But you claimed that others have not updated their drivers for years. I have just opened a Windows laptop, browsed through the Norton folder and I see all code has been modified months, some just a day ago.
Including drivers.
It has nothing to do with Comodo, it is related to your claim.

I never said that publishers NEVER update their drivers. I said they have not updated some drivers in years. Why would a publisher update a driver that is working? Do you think that publishers go on fishing expeditions to check their drivers constantly? That's not how it works. Unless there is an indication that a driver has a problem or there is something new that is being implemented, there generally is no reason to update a driver.

Get a room you two Your going around in circles, so just agree to disagree

Let's just see how much FUD and complete nonsense Trident can come up with. They keep trying. So gotta give them an A for Effort. I find the ad hominems rather amusing. I want to see what Trident's imagination can come up with next.

even in totalitarian countries people are free of eating their own feces.
But, at the moment that this same someone, who likes to eat his own excrement, he starts make a public apology to everyone encouraging and motivating everyone to eat poop... that is IRRESPONSIBLE towards others or third parties.
As much as a person says that his feces are safe and delicious... eating any kind of excrement is not good for health.
PS: My eschatological vocabulary is simply a consequence that reflects the low level of this thread.

And here it is. The entertainment I have been waiting for.

Well worth the effort and wait.

 

[Trident]

I never said that publishers NEVER update their drivers. I said they have not updated some drivers in years. Why would a publisher update a driver that is working? Do you think that publishers go on fishing expeditions to check their drivers constantly? That's not how it works. Unless there is an indication that a driver has a problem or there is something new that is being implemented, there generally is no reason to update a driver.

You claimed that Kaspersky, Bitdefender and a bunch of others (not defined who exactly) did not update their drivers for years.

I instantly checked a product by a vendor who may as well be falling into the group of this “bunch of others” (this is the one I have installed, all others would require me to uninstall Norton and this will purge certain data reducing the performance of my device)… and the result is you were wrong again.

Why would they update you are asking? Because their software is not neglected and they wanna bring constant performance and security enhancements. They have the duty to do so.

And if Comodo scored well on few tests that you provided, these vendors have been scoring well on many tests for many, many years and will continue to do so, as you said, till the end of time.

So why should people deploy a package by a company whose main theme (according to you) is consistent neglect and providing merely a “best effort”?

Will you try and dispute any of the facts above?

 

[SeriousHoax]

Dedicated to @Oerlink only.

 

[Bumblebee Uncle]

@Oerlink - No one is taking you seriously! Me and @Trident have identified how many identities you have here on MalwareTips, how previously you were even banned from discussions here.

You have lost all credibility?

Also you wrote "No, it's not. Significant portions of Windows and the Linux kernel itself have not received updates in decades. Some parts of Windows are the same code from the 1990s."

Where did you get this from? Perhaps like how you have spoken to Haibo Zhang, you must have also spoken to Bill Gates or someone close to him that have told you this?

 

[ForgottenSeer 98186]

You claimed that Kaspersky, Bitdefender and a bunch of others (not defined who exactly) did not update their drivers for years.

Which is correct.

and the result is you were wrong again.

No. It is not wrong because there are drivers that have not been updated in years.

Why would they update you are asking? Because their software is not neglected and they wanna bring constant performance and security enhancements.

Neglect has nothing to do with it. Drivers are only updated if there is a proven problem or a new feature is introduced. Security enhancements are not something that needs to be done on a regualr basis.

They have the duty to do so.

No. They do not. There is no such duty nor requirement. Drivers and software are provided on a "best effort" basis and per the terms of the EULA, or in the case of a commercial or government contract, per the SLA. A software publisher located anywhere is not compelled to do anything.

So why should people deploy a package by a company whose main theme (according to you) is consistent neglect and providing merely a “best effort”?

Not fixing GUI bugs is not neglect. Not fixing bugs that are not a security concern is not neglect.

Millions of users keep using Comodo because it provides excellent protection and it is free.

and providing merely a “best effort”?

All publishers provide software on a "best effort" basis.

Read the EULA. The EULA terms put all risk onto the user when using security software. No publisher is going to assume liability for a system that is not under their control.

The only time liability falls onto a software publisher is when the software malfunctions and causes physical harms. For example, when an x-ray system manufacturer's software malfunctions causing the system to physically harm the patient. Another example would be when software that controls machinery malfunctions causing the machinery to injure a person.

No software publisher assumes any risk for security or economic losses.

The only company that has a malware warranty is Comodo.

Where did you get this from?

Go research the Windows kernel. Microsoft released it in its entirety. And the Linux kernel is open source.

This is not difficult.

 

[Trident]

Where did you get this from? Perhaps like how you have spoken to Haibo Zhang, you must have also spoken to Bill Gates or someone close to him that have told you this?

Every publisher, specially Kaspersky, Bitdefender, “bunch of others”, Microsoft, Comodo every day contacts him to inform him of all changes made and planned to be implemented.

 

[Trident]

No. It is not wrong because there are drivers that have not been updated in years.

Which are these drivers? Do you have any example?

Security enhancements are not something that needs to be done on a regualr basis.

Yet all the companies do them on regular basis. Many supply few changelogs - one regarding the general changes and one or more regarding their protection engines. Only Comodo is so good it doesn’t need enhancements.

The only company that has a malware warranty is Comodo.

Again, untrue. There are various companies offering malware warranty, as well as identity theft insurance. You need to research the field better.

Not fixing GUI bugs is not neglect. Not fixing bugs that are not a security concern is not neglect.

If you say so.
Let’s ask users here:
Do you believe that not updating a product and not fixing bugs is neglect from the software publisher’s side?

 

[Bumblebee Uncle]

Go research the Windows kernel. Microsoft released it in its entirety. And the Linux kernel is open source.

This is not difficult.

Do you know what! You are losing credibility by the minute. You say this statements which have zero integrity and when asked for proof - you say go research - this is not difficult. I am not interested in that research. The burden of proof is on you because you made that statement.

@Oerlink - Try and understand - instead of making sweeping generalisations, learn to be wrong. I always happily admit when I am wrong. It will get you places in life instead of this monologue which you are on in which no one is interested and YOU lose credibility.

 

[ForgottenSeer 98186]

Every publisher, specially Kaspersky, Bitdefender, “bunch of others”, Microsoft, Comodo every day contacts him to inform him of all changes made and planned to be implemented.

Nobody needs contact from a publisher. It is industry practice. You should put forth the effort to be better informed.

Which are these drivers? Do you have any example?

Sure. Go research the Windows and Linux network drivers. Then take a look at Kaspersky's and Bitdefender's firewall drivers.

Yet all the companies do them on regular basis. Many supply few changelogs - one regarding the general changes and one or more regarding their protection engines. Only Comodo is so good it doesn’t need enhancements.

lol, no they don't. You are talking nonsense. A protection engine is often a service, and that's not a driver. Please show us examples of changelogs that show regular driver updates. Oh wait, you can't.

Nobody has proven that Comodo is unsafe. So why would Comodo update the containment protection?

Do you believe that not updating a product and not fixing bugs is neglect from the software publisher’s side?

 

[ForgottenSeer 98186]

You are losing credibility by the minute.

If you say so. That does not change the fact that I am not wrong. But you can think and believe whatever you wish.

You seem awfully desperate. I see that you are starting with the ad hominems again because you've got nothing else.

I am not interested in that research.

Well, it's just one of those things that you just have to put in the effort yourself. The burden is on you to do the research. You can do it as it is not difficult to understand. But as you said you are more interested in making ad hominems instead of enlightening yourself.

 

[Bumblebee Uncle]

Sure. Go research the Windows and Linux network drivers. Then take a look at Kaspersky's and Bitdefender's firewall drivers.

No! You need to do this research because you are presenting us with these statements which are not factual! You would need to do the research. You talk as if you know all about windows and linux network drivers, all about Kaspersky and Bitdefender.

Grow up JT Is this how they work at Appguard?

 

[Bumblebee Uncle]

Well, it's just one of those things that you just have to put in the effort yourself. The burden is on you to do the research. You can do it as it is not difficult to understand. But as you said you are more interested in making ad hominems instead of enlightening yourself.

The burden is on you to furnish the proof You are the one making non sensical statements not me