Should Comodo users stop using Comodo?

[cruelsister]

It’s ok, I like a bit of fight anyway

No need to correct the post.

Just be mindful that the dog is a pitbull.

Anyway, that’s an expression, we have it where I come from.

Humor is a wonderful thing, and I don't think that anyone here means in any way to be offensive (certainly not me, being Kind and gentle). But perhaps a better pithy saying would have been more appropriate for these discussions: ""We're all bozos on this bus".

999 END

 

[Andy Ful]

@cruelsister,
Does latest CIS still have many unfixed bugs inherited from previous versions or doesn't have latest CIS any unfixed bugs as suggested in this thread?

Correction. In this thread, no one suggested that the latest CIS does not have any unfixed bugs.
It was mentioned by me that a few bugs were already reported (on the Comodo Forum).
So far, MT members who use or test CIS 2025 have not reported new bugs.
The number of unfixed bugs is unknown, as well as those from previous versions.

 

[NoveyBoy]

It's wild how people keep bashing Comodo as if trashing it will somehow make the internet safer. There are plenty of real-world examples showing how effective it can be at protecting users, yet the noise around its flaws drowns out the facts. Instead of reflexive hate, we should look at concrete test results, real detection/containment behavior, and how the product actually performs in everyday scenarios.

This has gotten so out of hand that even the owner of MalwareTips had to open a dedicated thread to contain the debate which tells you how heated and repetitive the arguments have become. If you're evaluating security tools, base your opinion on current, hands-on testing and credible comparisons, not on old hearsay or forum echo chambers.

My take: Comodo deserves a fair, up-to-date assessment. It’s not perfect, but it’s far from the dumpster-fire some make it out to be and for many users it provides solid, usable protection.

 

[Trident]

I did not observe any incorrect behaviour that would deviate from the standard execution paths (classed as a bug). I did not attempt to export HIPS rules (which is a very infamous one @Pico mentions).
I don’t think that fixing this bug would require product rewriting. All that’s necessary to do is, Comodo needs to write 2 functions (Rules to Json, Json to rules). They can use one of the many JSON parsers available, or they can even make use of a JavaScript based engine (which natively loves JSON).

In programming, a bug rarely needs a full rewrite and design change.

If the rules are getting deleted after export (or whatever the problem is), then there is some sort of corruption or very wrong logic. Fixing the bug would require no more than 1 hour.
If it can’t be fixed easily, Comodo can export the rules in temp folder as well, if they are afraid to put them in an array list (in addition to where user exported), and reimport them. Again that’s one hour of work.

 

[Behold Eck]

Never used CIS for long instead opting for CFW(CS settings) and a good light AV so with that in place what are the chances of my system being whacked by one of these bypasses ? Less than zero I would say.

So should Comodo users stop using Comodo yes and no. Ditch CIS and go for the firewall with MD, Avast/AVG or Avira seems like a plan to me ?

Regards Eck

 

[Divergent]

""We're all bozos on this bus".

999 END

Some of us just have better seats.

ACK

 

[Helmut]

4). Live a Happy and Productive Life.

Ditch CIS and go for the firewall with MD, Avast/AVG or Avira seems like a plan to me ?

But I want to live a happy and productive Life.

It is a pleasure and relaxing to read here - full of valuable information

 

[Pico]

I did not observe any incorrect behaviour that would deviate from the standard execution paths (classed as a bug). I did not attempt to export HIPS rules (which is a very infamous one @Pico mentions).
I don’t think that fixing this bug would require product rewriting. All that’s necessary to do is, Comodo needs to write 2 functions (Rules to Json, Json to rules). They can use one of the many JSON parsers available, or they can even make use of a JavaScript based engine (which natively loves JSON).

In programming, a bug rarely needs a full rewrite and design change.

If the rules are getting deleted after export (or whatever the problem is), then there is some sort of corruption or very wrong logic. Fixing the bug would require no more than 1 hour.
If it can’t be fixed easily, Comodo can export the rules in temp folder as well, if they are afraid to put them in an array list (in addition to where user exported), and reimport them. Again that’s one hour of work.

The famous HIPS bug has nothing to do with exporting rules or whatsoever.
The bug occurs at system shutdown while CIS is busy adding a new HIPS rule to the registry but fails in doing that because the system is being shutdown. After next reboot all created HIPS rules are gone / deleted in the registry and as a consequence in CIS too. The user is not aware of the fact that all HIPS rules are gone / deleted until he/she notices that HIPS starts firing many many alerts on everything that is run / started on the system including low level SYSTEM things.

According to a very respected and knowledgeable mod on the Comodo forum the fix requires a rewrite of CIS code because CIS code is spaghetti and that's also why all unfixed bugs from previous versions are still present in current version (apart from the ones that got fixed as indicated by Comodo Staff on the List Of Bugs). Comodo won't invest any effort in fixing them.

 

[piquiteco]

Well, hopefully I’m not classed as one of these barking dogs

Actually, you've always barked more. As far as I know, you've never bitten anyone. BTW, how are you? Best regards! Finally, a peaceful and civilized topic.

 

[Trident]

Actually, you've always barked more. As far as I know, you've never bitten anyone. BTW, how are you? Best regards! Finally, a peaceful and civilized topic.

I’m great, thanks for asking. How are you? Indeed, a more civilised one.

 

[Sunshine-boy]

Let’s assume Comodo is not bad. That means a security product with over 100 known bugs, no visible bug-fix process, broken promises about Valkyrie, and a forum that deletes criticism… is actually good.

By that logic, a smoke detector that randomly beeps, ignores fire, and tells you “everything’s fine” while your kitchen burns down is also good.

If Comodo were a car, it’d be one with no brakes, a broken speedometer, and a fan club insisting it’s “just misunderstood.”

The absurdity writes itself. Either Comodo is bad, or we’ve redefined “good” to include abandonware with a cult following and a censorship policy. Pick one

 

[Trident]

Let’s assume Comodo is not bad. That means a security product with over 100 known bugs, no visible bug-fix process, broken promises about Valkyrie, and a forum that deletes criticism… is actually good.

By that logic, a smoke detector that randomly beeps, ignores fire, and tells you “everything’s fine” while your kitchen burns down is also good.

If Comodo were a car, it’d be one with no brakes, a broken speedometer, and a fan club insisting it’s “just misunderstood.”

The absurdity writes itself. Either Comodo is bad, or we’ve redefined “good” to include abandonware with a cult following and a censorship policy. Pick one

The Comodo business practices remain an object of ongoing criticism.

 

[Andy Ful]

According to a very respected and knowledgeable mod on the Comodo forum the fix requires a rewrite of CIS code because CIS code is spaghetti and that's also why all unfixed bugs from previous versions are still present in current version (apart from the ones that got fixed as indicated by Comodo Staff on the List Of Bugs). Comodo won't invest any effort in fixing them.

I confirmed that:
Comodo staff posted 40 old bugs that did not occur in the new version, and noted that other bugs had been reported to the development team, who were working to fix them.

What is a source of information that other old bugs are unfixable, and Comodo would not invest any effort in fixing them?
We have two conflicting statements (Comodo staff and a knowledgeable moderator).

 

[Andy Ful]

Let’s assume Comodo is not bad. That means a security product with over 100 known bugs, no visible bug-fix process, broken promises about Valkyrie, and a forum that deletes criticism… is actually good.

Most of your statement is not proven for the new CIS (except Valkyrie).
There is a "visible" bug-fix process; however, it is on a mediocre level.
This is too little to contradict that, currently, Comodo is not bad. It would contradict that Comodo is on a high level.

 

[Pico]

Which bugs got fixed from below list???

 

[oldschool]

The famous HIPS bug has nothing to do with exporting rules or whatsoever.
The bug occurs at system shutdown while CIS is busy adding a new HIPS rule to the registry but fails in doing that because the system is being shutdown. After next reboot all created HIPS rules are gone / deleted in the registry and as a consequence in CIS too. The user is not aware of the fact that all HIPS rules are gone / deleted until he/she notices that HIPS starts firing many many alerts on everything that is run / started on the system including low level SYSTEM things.

Indeed, this is the very old bug that "forgotten seer" @Umbra always mentioned, and at least one reason he wouldn't use Comodo. This member possessed excellent technical knowledge and experience, and knew what he was talking about.

 

[Trident]

Writing HIPS rules in the registry is madness and very outdated. For many years now much more effective local databases are used.

 

[Pico]

All CIS settings are stored in registry and protected by CIS, no outside tampering allowed.

 

[Trident]

All CIS settings are stored in registry and protected by CIS, no outside tampering allowed.

That’s very outdated design.

 

[Pico]

That’s very outdated design.

Registry may have better protection against tampering than local database or other file based solution.