Privdog is Superfish all over again

Status
Not open for further replies.

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Privdog is a privacy protection software that is available as a standalone product for the Google Chrome Microsoft Internet Explorer and Mozilla Firefox web browser and bundled with select Comodo products including Comodo Dragon and Internet Security.

According to Comodo's website it ships with the company's Internet browser and Internet Security products.

A user on Hacker News noted that the Superfish test would return a hit even though Superfish itself was not installed on the system. After some analysis it appeared that the privacy software Privdog was the culprit in this case.

Note: I installed the latest version of Comodo Dragon on a text system and it shipped with Privdog. It did not install a root certificate on the other hand.



Privdog has been designed to block certain trackers and advertisement from showing up while you browse the Internet. It blocks all advertisement that is not hosted directly on the domain you are visiting and replaces it with AdTrustMedia advertisement.

What's worse however is the fact that it installs a certificate on the system as well. While it does not share the same key on all installations, it has an arguably even bigger flaw than that: it intercepts all certificates and replaces them with one signed by its own root key.

All in this regard means valid and invalid certificates which in turn means that the browser you are using accepts any certificate regardless of whether it is valid or not.

That's bad on many levels and means basically that you are not secure while Privdog's certificate is installed on the system.

It is therefore highly suggested to remove the software from the system and make sure that its root certificate is gone too after the removal. If it is not, you need to remove it manually from your system which you can do in the following way:

  • Tap on the Windows-key, type mmc.exe and hit enter.
  • Go to File -> Add/Remove Snap-in
  • Pick Certificates, click Add
  • Pick Computer Account, click Next
  • Pick Local Computer, click Finish
  • Click OK
  • Look under Trusted Root Certification Authorities -> Certificates
In case you are wondering what the connection between Comodo and PrivDog is: the CEO and founder of Comodo seems to be behind Privdog as well.

So why is this Superfish all over again? Both products add a root certificate to the user's computer and both make the user's computer insecure in the process and are used to earn revenue for the parent company. While they don't work the same, Privdog is arguably worse in terms of security than Superfish, they have been designed for the same purpose.
Source..http://www.ghacks.net/2015/02/23/privdog-is-superfish-all-over-again/
 

Tony Cole

Level 27
Verified
May 11, 2014
1,639
I really do not know why Melih pumps his products full of adware, when I asked him he told me that Privdog was an excellent product that he used on a daily basis - yeah right! That's why I really do not like free software, at least with Kaspersky it's free from all adverts and possible adware.
 

tonibalas

Level 40
Verified
Honorary Member
Top Poster
Well-known
Sep 26, 2014
2,973
I understand what you are saying that's why i'm using Emsisoft AM;).
But again my suggestion on installing free programs is to do a custom install so you skip anything you don't like and in case of Comodo skip Privdog or Comodo Dragon or Killswitch;)
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
@frogboy, thank you this. As you can see the reactions are both passionate and well founded. I've <copied> the steps to remove Privdog's root certificate :eek:..from every one of our systems!:rolleyes:
I'll <paste> it here once more for any who may need it:
  • Tap on the Windows-key, type mmc.exe and hit enter.
  • Go to File -> Add/Remove Snap-in
  • Pick Certificates, click Add
  • Pick Computer Account, click Next
  • Pick Local Computer, click Finish
  • Click OK
  • Look under Trusted Root Certification Authorities -> Certificates
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Not that I'm trying to let the truth get in the way of a good story, but:

1). PrivDog was an option on versions 7 of both CIS and CF. It is not included in any way in either version 8 of CIS or CF.
2). PrivDog IS a part of the new Chromodo product.
3). PrivDog is part of the Comodo Group, so maybe that's why "the CEO and founder of Comodo seems to be behind Privdog as well".
4). Anybody find a PrivDog Root Certificate?
5). Anyone go to the website test done by the originator of this "story" and check to see if there is any truth to this to be found at filippo.io/Badfish/ ?

But why let reality override conspiracy?
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Not that I'm trying to let the truth get in the way of a good story, but:

1). PrivDog was an option on versions 7 of both CIS and CF. It is not included in any way in either version 8 of CIS or CF.
2). PrivDog IS a part of the new Chromodo product.
3). PrivDog is part of the Comodo Group, so maybe that's why "the CEO and founder of Comodo seems to be behind Privdog as well".
4). Anybody find a PrivDog Root Certificate?
5). Anyone go to the website test done by the originator of this "story" and check to see if there is any truth to this to be found at filippo.io/Badfish/ ?

But why let reality override conspiracy?

Interesting point. @cruelsister, you cut to the jugular!:D

Edit: Alright. As @Kent, and @cruelsister's suggestion illustrate,:cool: we have tested (4) browsers with the https://filippo.io/Badfish/ test (..well, with the exception of only two other browsers remaining on another system..o_O) they have all tested negative thus far. Hooray, let's 'let reality override conspiracy' !!:p
 
Last edited:

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
@frogboy, thank you this. As you can see the reactions are both passionate and well founded. I've <copied> the steps to remove Privdog's root certificate :eek:..from every one of our systems!:rolleyes:
I'll <paste> it here once more for any who may need it:
  • Tap on the Windows-key, type mmc.exe and hit enter.
  • Go to File -> Add/Remove Snap-in
  • Pick Certificates, click Add
  • Pick Computer Account, click Next
  • Pick Local Computer, click Finish
  • Click OK
  • Look under Trusted Root Certification Authorities -> Certificates
Well done a good plan i think. :D
 

Kent

Level 10
Verified
Well-known
Nov 4, 2013
468
Took the https://filippo.io/Badfish test and it turns out clean :)
I am using Comodo Dragon :D
Capture.jpg
 

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
That's why I really do not like free software, at least with Kaspersky it's free from all adverts and possible adware.

A big difference can be made if you simply "uncheck" it during installation. :D You still get the "free" part safe and sound.

It's not easy to maintain freeware products. They still give the best part for free, which is their software.
 
Last edited:

jonn

New Member
Feb 26, 2015
1
If you use PayPal, and I'm just upset - I'm sorry. I do not mean that they are not on line, because it is the safest there. People who use PayPal, you're way ahead of the game than invoice business does not accept any form of electronic payment. I try to open my eyes and know that you can use your own payment solution in your business at minimal cost and financial broker with less than the cost of standard PayPal transaction.
 
Y

yigido

New release from 'em.

Hi All

PrivDog 3.0.10.0 is now available for download.
http://update.privdog.com/downloads/661/PrivDogSetup_3.0.108.0.exe

This new version addresses issues with keys; keys sizes have been increased to 2048 to comply with a higher standard and improve browser compatibility.

Existing users will be upgraded automatically or users can download the update. As always we recommend all users update to the latest version.

In the next few days we’ll release version 3.1 with additional features allow users to disabled the HTTPS inspection if they choose to do so. We are also implementing an HTTPS Threat Vector list that will automatically bypass HTTPS inspection for the vast majority of safe web sites.

The PrivDog Team.
 
  • Like
Reactions: Cats-4_Owners-2
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top