Never seen it happen before, we should stay alert for impersonators.
I will inform you when I have one.
Have a SHA-256?
All signed MS applications are hardcoded whitelisted in source code.
I think I have found a problem in Xcitium (not Comodo CIS). I made a HIPS rule to forbid changes to a registry item. Tested making the rule twice from scratch and both times it did not fire - the change went through to the registry. First make a HIPS protected object > registry item. Then make a HIPS rule for regedit to exercise it. I am quite disappointed to see it fail, HIPS is important to my defenses. I have finished our implementation of CIS Top 18, and am trying out the RMF way: implement then assess. If it weren't for RMF's requirement to assess our controls I would not have found it.
Maybe it is due to regedit being from MS, a trusted vendor. If that's the case I couldn't use Xcitium anymore because I want to specifically deny some MS tools. I have already sourced out a similar vendor ESET, they also have HIPS and rules.
Provide clear evidence in plain English that long-standing bugs like the famous HIPS bugs have been resolved / fixed instead of generating some unreadable noise.
Updated the OP to make it more useful for readers by adding:
Some important posts that contain factual evidence related to Comodo and AV exploits:
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1147249
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1145050
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1147260
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1147273
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1147275
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144369
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144520
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144539
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144679
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144760
https://malwaretips.com/threads/should-comodo-users-stop-using-comodo.137607/post-1144836
Most critical posts in the thread were done by: @bazang, @Divergent, and @Pico.
Post corrected
Provide clear evidence in plain English that long-standing bugs like the famous HIPS bugs have been resolved / fixed instead of generating some unreadable noise.
@Andy Ful
By framing the discussion this way you cast certain users in a negative light while preserving plausible deniability.
I believe some meaning is being lost in translation here. The way you conduct yourself leaves room for plausible deniability.
There is no deniability. I did not deny Pico's claims about the HIPS bug. His request is as strange as the request to find the HASH for the Comodo bypass. I think that such strange requests are the reason for prolonging this debate.
@Andy Ful
Your language makes it appear that those who disagree are the source of the problem, essentially, conform or be exposed.
You said the debate felt long and frustrating, though it was largely prolonged by your own contributions.
Yes, if the source of the problem comes from extreme opinions. People who insist on extreme opinions should have strong evidence for that. If not, they are exposed or should agree to disagree.
Who exactly appointed you to dictate what others can or cannot discuss in this forum? Were you elected? Posts highlighting unresolved CVEs and usability issues are not opinions, they are verifiable facts. Open-source research makes this information publicly accessible.
These posts are not one-sided, you’ve also contributed to keeping the thread going, though you seem unwilling to acknowledge that. It appears that having the last word matters more to you than whether your point is actually correct.
Such posts will always keep this thread alive. We already talked about CVEs and some usability issues. Yes, there is some evidence for that. Your opinions are there, and you have the right to think so.
The problem arises when you try to convince CIS users that they are doing wrong when using CIS 2025. You do not have sufficient arguments for that. For me, Comodo is unimportant. I would do the same in the case of another AV that I know well, because I tested it and exploited it.
Alice: For CIS users, CIS 2025 is probably a better solution than popular home AVs.
Bob: For Comodo critics, popular AVs are a better solution than CIS.
We can easily settle the dispute on the following statement:
It is hardly possible to prove that Alice or Bob is wrong.
The longer this thread is, the more true the above statement.
Exactly.
All signed MS applications are hardcoded whitelisted in source code.
Try with HIPS set to "Paranoid mode". I think HIPS will then show a regedit Alert.
These bugs will never - EVER - be fixed because they require a source code re-write.
long-standing bugs like the famous HIPS bugs have been resolved / fixed
But this is one of the fundamental reasons that the internet became so rapidly adopted by the hoomans. Everybody has a "voice" and they have to have their say. The more logic and decorum that is used and enforced, the less popular the platform becomes - and people leave. People want the flamewars and drama.
rather about insisting on extreme opinions that cannot be proved.