Serious Discussion Three Unpatched Vulnerabilities Plague Comodo. Documented Online.

[Andy Ful]

The AI Expert argumentation is valid for highly targeted attacks. The Comodo vendor should patch those vulnerabilities as soon as possible.
Anyway, we discussed on MT some other, more dangerous, and still unpatched flaws. Yet, there are no reports that they were used in the wild. Just as the bypass I discovered last year (via shortcut + WDAC policy), those possible bypasses are also unimportant for home users.

 

[Sorrento]

Well that's Comodo sorted: Next??

 

[rashmi]

The AI Expert argumentation is valid for highly targeted attacks. The Comodo vendor should patch those vulnerabilities as soon as possible.
Anyway, we discussed on MT some other, more dangerous, and still unpatched flaws. Yet, there are no reports that they were used in the wild. Just as the bypass I discovered last year (via shortcut + WDAC policy), those possible bypasses are also unimportant for home users.

The AI's expert argument typically addresses a vulnerability. Challenge the AI with your expert arguments. It will apologize and change its response. Then, provide product-specific expert arguments. The AI will apologize and agree. It will also offer a new response. Continue this process. The AI will eventually give invalid responses that seem valid. Continue challenging it. Finally, the AI will apologize and admit defeat. It will then suggest contacting the vendor for accurate information.

 

[Parkinsond]

AI will apologize

How courteous is AI

 

[rashmi]

Well that's Comodo sorted: Next??

Ouch, that's a blow for @Jack... Comodo topics are MalwareTips' golden goose!

 

[Andy Ful]

The AI's expert argument typically addresses a vulnerability. Challenge the AI with your expert arguments. It will apologize and change its response. Then, provide product-specific expert arguments. The AI will apologize and agree. It will also offer a new response. Continue this process. The AI will eventually give invalid responses that seem valid. Continue challenging it. Finally, the AI will apologize and admit defeat. It will then suggest contacting the vendor for accurate information.

I found AI-based information to be useful when searching for sources. Next, I inspect those sources and compare my conclusions (based on AI sources and other known sources) with AI. Finally, I correct my conclusions if some AI arguments are solid.

 

[Trident]

I found AI-based information to be useful when searching for sources. Next, I inspect those sources and compare my conclusions (based on AI sources and other known sources) with AI. Finally, I correct my conclusions if some AI arguments are solid.

If one wants to invalidate and diminish arguments to support their product of choice, they can always find a way to do it.

 

[Marko :)]

What I find interesting about Comodo is their products remain available and websites working. Heavily out of date, but still available. And with all the controversy company remains silent. Latest news published on their website is from 2022.

Do they have anyone employed at all anymore? Does their HQ still works or it's closed?

 

[Trident]

What I find interesting about Comodo is their products remain available and websites working. Heavily out of date, but still available. And with all the controversy company remains silent. Latest news published on their website is from 2022.

Do they have anyone employed at all anymore? Does their HQ still works or it's closed?

They are now more focused on Xcitium. They could merge the Xcitium and Comodo codebases which was the smartest thing they could’ve done. But no, they maintain 2 different codebases, though the Comodo one… yeah. We all know how it is maintained.

 

[Parkinsond]

They could merge the Xcitium and Comodo codebases

Is Xcitium codebase good?

 

[Trident]

Is Xcitium codebase good?

It’s maintained and updated (on their forum there are changelogs).

 

[Marko :)]

They are now more focused on Xcitium. They could merge the Xcitium and Comodo codebases which was the smartest thing they could’ve done. But no, they maintain 2 different codebases, though the Comodo one… yeah. We all know how it is maintained.

So in other words Comodo and Xcitium are two different companies, operating from the same location and have the same people working for both. With Xcitium being actively developed while Comodo dies in slow and agonizing death. Yeah... totally nothing suspicious here.

I still can't figure out their end goal here.

 

[piquiteco]

I still can't figure out their end goal here.

Money.

 

[ForgottenSeer 116559]

If they had a conscience to spare, they would've already resigned to the fate of unmaintained security software: discontinue it and advise everyone to use something else. The landscape and market have changed drastically since the heyday of Comodo software.

 

[rashmi]

I still can't figure out their end goal here.

Comodo's free version is the perfect guinea pig starter kit for Xcitium's upgrade experiment!

 

[rashmi]

I found AI-based information to be useful when searching for sources. Next, I inspect those sources and compare my conclusions (based on AI sources and other known sources) with AI. Finally, I correct my conclusions if some AI arguments are solid.

AIs are helpful. However, they also provide inaccurate or fabricated information. General/casual prompts elicit similar responses. In a complex/specific case, you need to provide a specific and detailed prompt. This is required to receive a valid response for that specific case. You must also verify the information's accuracy.

 

[Trident]

AIs are helpful. However, they also provide inaccurate or fabricated information. General/casual prompts elicit similar responses. In a complex/specific case, you need to provide a specific and detailed prompt. This is required to receive a valid response for that specific case. You must also verify the information's accuracy.

I don’t see a single statement in the AI that is “incorrect”. The model was provided with the texts from the article and the “defence” statement. The defence statements were proven to be wrong.

I could write these statements myself (and partially did), I attached the AI texts as a second opinion. Because I know how “defence” will react.

 

[rashmi]

I don’t see a single statement in the AI that is “incorrect”. The model was provided with the texts from the article and the “defence” statement. The defence statements were proven to be wrong.

I could write these statements myself (and partially did), I attached the AI texts as a second opinion. Because I know how “defence” will react.

My comments were not a response to your thread or posts. If I had wanted to reply to you, I would have quoted you.

 

[Trident]

My comments were not a response to your thread or posts. If I had wanted to reply to you, I would have quoted you.

Defence is the Comodo defence. We all know who they are.

 

[rashmi]

Defence is the Comodo defence. We all know who they are.

Comodo defence is impenetrable... unless you have the capabilities of a zero-day exploit using "D"LL hijacking!