App Review Comodo's killer.

[Decopi]

I cannot see the reason to recommend changing Comodo to another solution if one likes it and uses it without issues with hardened settings.

It is not about invading users' individual decisions. That freedom of choice is untouchable.

What is at issue here, and you know it well, is that fanatics promote Comodo and impose it on other users, like a religion that preaches the absolute truth of the universe (“the best and most complete unbeatable solution for cyber security, for all users”).

It is about the readers who do NOT use Comodo, and who have no knowledge to discern between the lies, manipulations and omissions that are (immorally and irresponsibly) made by Comodo fanatics.

It is about the fact, that between “not as smart as Ulysses but can be as dumb and strong as Herakles”, Comodo and its fanatics always omit, lie and manipulate the reality by hiding the fact that Comodo is an abandon-ware, full of old and dangerous unfixed bugs, without real updates/upgrades etc... where any discussion about Comodo, in order to alert users, should be preceded by some “DEPRECATED SOFTWARE” tag, or some alert informing about Comodo bugs, lack of updates/upgrades, Firewall and Containment vulnerabilities, or a simple alert explaining to users that Comodo is neither an antivirus nor antimalware, it is a simple dumb blocker, full of false-positives and bugs (and 99,99% of users are not capable to use blockers, even if they are strong as Herakles).

In addition, it is also about the fact that most of the blockers are strong as Herakles...absolutely nothing especial here. And you know better than me, that a customized hardening of Windows can convert Windows in the best Herakles strong blocker... so, why Comodo is needed at all?
Blockers had a good function 20 or 30 years ago, when regular antivirus/antimalware where totally unable to deal with zero-day-attacks. But since then, antivirus/antimalware technology improved, and blockers were buried. Also, nowadays in modern times of hipper-connectivity, "usability" is the focus, so most of the users can't use a blocker anymore (even if it is strong as Herakles). Today, modern software can't use "dumb blocking" as a security strategy, because "usability" is sacred... and that's the reason why Windows delivers its product with default settings preserving "usability" (even when Windows settings could transform it into the strongest of the blockers).

I repeat Andy, I thank you for all your teachings, and I agree with most of your threads, comments and opinions. Only in relation to Comodo, I don't agree with you, specifically when you admit some utility or possibility of using Comodo. But I repeat also, I respect your opinion.
Even when you see my argument as extremism on my part, I hope you understand that I am not talking about Comodo users, who are free to eat shi@. My focus is on the users who do NOT use Comodo, and the lack of objectivity here at MT, by not presenting all the complete and correct information about Comodo, which would allow other users to make right decisions.

 

[ErzCrz]

@Decopi You've flooded pretty much ever Comodo thread with the same phrases over and over. There are 74 known bugs, not hundreds. So what if it's a blocker, it still stops Unknown malware. Even CS only recommends using the Firewall as most will these day.

I think everyone gets the message your keep shouting like a broken record. I do applause for the passionate hatred you have for Comodo. Surely your using a far superior security solution so stick with that and give that a shout out. People don't commonly recommend Comodo in most places these days. Reddit, Bleeping Computer, most of here all tell you to use Microsoft Defender and half of those recommend Andy's tweaking tools.

At any rate, your posts aren't very constructive nor offer much in the way of solutions or alternatives apart from hardening Windows. I just think your energy would be better spent providing informative and helpful posts rather than what comes across as agressive negative bashing.

 

[Andy Ful]

@Decopi,

My statement "I cannot see the reason to recommend changing Comodo to another solution if one likes it and uses it without issues with hardened settings", did not require any comment.

 

[Decopi]

@Decopi,

My statement "I cannot see the reason to recommend changing Comodo to another solution if one likes it and uses it without issues with hardened settings", did not require any comment.

I would never dare to expect you to change your comments, much less try to convince you of anything.

My disagreement with you is very specific, on a single very specific point, and our short talk was an opportunity to express my argument. For that reason Andy, I thank you for the space you opened for me, that unlike the radical and intolerant reactionary Comodo fanatics, you kindly allowed me to make my case, even when you were/are in disagreement with me.

Thank you very much again

 

[Andy Ful]

OK. The off-topic discussion about the general Comodo recommendations and opinions is now closed.
I commented on @vitao's post because of my video. Anyone can post comments about Comodo and "moving on ..." to the threads he has opened if necessary.

 

[vitao]

DecimaTech explained the Comodo/UAC flaw, which is well-known to Comodo staff. If you think other AV vendors are eager to patch all known flaws, you will be disappointed.
Furthermore, despite this incompatibility, you can hardly find a stronger solution than @cruelsister settings + safe mode HIPS + some hardening via Script Analysis (of course there can be some with similar strength).

Comodo has some important advantages for non-enterprise users:

1. It is rarely a target of criminals.
2. It uses auto-containment and most solutions do not.

If you will see malware attacking your personal computer, it will not be the sandbox bypass, except when you are a celebrity, dissident, or VIP. If something might pass by your Comodo protection, it would be via DLL hijacking or a similar fileless (non-EXE) technique. Even then, you will have a fair chance to stop the attack flow because many attacks starting from fileless vectors, still use standard methods at the later infection stages. So in the end, the final payload can be contained anyway.

As an example, one could take the @Loyisa exploit. From points 1-2 it follows, that you hardly can see such an exploit on your computer, but rather a modified version when the auto-containment bypass via creating service is replaced by a UAC bypass unrelated to sandbox escape. Such a UAC bypass can be mainly contained with no escape. In the case when the file with UAC bypass is not contained and tries to run an EXE payload, the payload can be auto-contained into a full-strength sandbox (payload will start with Administrator privileges before containment = no sandbox escape).

Of course, there is still some possibility that malware can compromise your protection (via purely non-EXE attack or by using some unrestricted LOLBin), but such malware is very rare and other solutions can hardly do better. Anyway, there is nothing wrong with trying.
I am afraid that after moving on, most people will replace strong protection + known but rarely exploited feature, with not-so-strong protection + unknown by the user (but known by attackers) more frequently exploited features.

I understand what youre saying but i can not agree. For this lack of interest in solving this exploitation now cis has a "friend". cis trust an ransomware so it can run and do whatever he wants. the video is online. ill bring a topic about it.

so even if comodo is small and dont get much attention, the lack of updates and bugfixes just shows how they just dont give a danm about their userbase. and this is the case with xcitium too as the poc bypasses it too (the new one too) and xcitium is a pai product for enterprises and it has a god danm edr... or am i going too far?

 

[vitao]

Hi @Andy Ful , please, once again, and with all due respect, allow me to disagree with your last post.

Comodo is an abandon-ware, it has not had any real update/upgrade for years, it is full of dangerous unfixed bugs, most of its features are garbage, and several times "Containment" already has been proven by-passable. Therefore, in this context, as a matter of principle, no software in this condition should be used. Period!

The problem is the IMMORALITY and IRRESPONSIBILITY, both, of Comodo (which continues to promote its software as "the most complete solution for cyber security"), as well as of its fanatics, who lie, omit and manipulate information, creating a false myth that has lasted for years.

In addition, Comodo is not able to detect viruses/malware, so at best it can only be classified as a “blocker”. However, with the lack of updates + no bug fixes, nowadays not even the blocker function is reliable! Also, it's worth mentioning the fact that 99% of users are NOT suitable to use blockers as security systems. And if it is a matter of “blocking” stuff, then it would be enough to harden Windows. Finally, there is also no logical reason to use a blocker, when there are countless excellent free alternatives on the market, real antivirus/antimalware, modern and well maintained.

In this pathetic context, continuing to promote Comodo, besides being immoral and irresponsible, is like promoting the unplugging of a computer from the internet or electricity, as the most “infallible complete cyber security system”... RIDICULOUS! Every time a problem is reported with Comodo, what is always proposed is a patch/hack where more and more stuff is blocked. And considering that the current blocker function (Containment) already triggers hundreds of false blockings (safe files blocked), the only thing they will achieve by hardening/patching/hacking Comodo more and more is that its security will be analogous to unplugging a computer from the internet/electricity (Comodo will totally kill user usability). Comodo has been dangerous for years, and now they are turning it into a totally unusable software.

As I mentioned, 99.99% of users are not prepared to use any kind of blocker as security software. And by hardening/patching/hacking Comodo (instead of fixing or improving Comodo), the only thing they will achieve is that 99.999999% of users will NOT be able to use Comodo.

And the fact that Comodo is useful for 0.000001% of users does not justify the immorality and irresponsibility of Comodo fanatics, who continue to promote Comodo as an alternative for everyone.

and here i have to disagree with you.

i hate the fact that melih doesnt care about his userbase. I hate the fact that cis has no real update since 2020 (2025 has a new gui, an ugly one if i may). But i can not agree about the protection thing. In fact, maybe its the reason they "dont care" too much as cis containment is the best prevention solution out there.

sure. cis has many problems, many incompatibilities, many bugs, many exploits can bypass it, but even with all that, its a strong solution for prevention. but its not suitable to everyone. that i agree...

 

[vitao]

You're either gonna fall in love with Melih or fall in love with the fact that you can't beat him. "D" knows what I'm talking about!

? no feelings about him or anything else. just comenting things that are happening these days in fact, maybe he will fall in love with me it that thing continues... in fact he is here looking close... right cruel?

 

[vitao]

OK. The off-topic discussion about the general Comodo recommendations and opinions is now closed.
I commented on @vitao's post because of my video. Anyone can post comments about Comodo and "moving on ..." to the threads he has opened if necessary.

here i see some sarcasm, or some kind of "i have the truth in me and everyone else is wrong and if someone disagree can go out my beloved topic",

sorry, it seemed a little sick but its not the goal nor the point. i dont know how to express this kind of "idea" in other languages than mine so if this feels strange, please ignore, or try to understand without rocks on hand...

 

[Andy Ful]

here i see some sarcasm, or some kind of "i have the truth in me and everyone else is wrong and if someone disagree can go out my beloved topic",

sorry, it seemed a little sick but its not the goal nor the point. i dont know how to express this kind of "idea" in other languages than mine so if this feels strange, please ignore, or try to understand without rocks on hand...

No sarcasm. I closed the interesting (but off-topic) discussion in this thread, but someone can have another opinion and may want to share it with you.
Guys please, talk about general Comodo problems in another thread.
If you want I can ask the MT staff to move the interesting (but off-topic here) posts to one of your threads, where they can be non-off-topic and welcome.
Any posts about killing Comodo, Comodo bypasses, escaping from the sandbox, UAC incompatibilities, etc. are welcome here.

 

[vitao]

No sarcasm. I closed the interesting (but off-topic) discussion in this thread, but someone can have another opinion and may want to share it with you.
Guys please, talk about general Comodo problems in another thread.
If you want I can ask the MT staff to move the interesting (but off-topic here) posts to one of your threads, where they can be non-off-topic.
Any posts about killing Comodo, Comodo bypasses, escaping from the sandbox, UAC incompatibilities, etc. are welcome here.

that was not my point but i understand and i agree with you. and sorry if i did bring any kind of offtopic for this topic and if i, in some way, contributed to it. not my intention. lets focus on the first post of yours here.

 

[Andy Ful]

that was not my point but i understand and i agree with you. and sorry if i did bring any kind of offtopic for this topic ....

It is OK, a few off-topic interesting posts are normal in any thread.

 

[rashmi]

in fact, maybe he will fall in love with me it that thing continues...

The official love song of COMODO... Come On, Melih, Open Door, Oh!

 

[vitao]

hahahaha

 

[Andy Ful]

The official love song of COMODO... Come On, Melih, Open Door, Oh!

https://malwaretips.com/threads/comodos-killer.133558/post-1107412