Serious Discussion Three Unpatched Vulnerabilities Plague Comodo. Documented Online.

Would you use vulnerable and outdated software, when alternatives exist?

  • Yes

  • No

Results are only viewable after voting.
Status
Not open for further replies.
Nikola Milanovic said:
Well they are not online only Saturday and Sunday but Monday to Friday Xcitium Staff and support is always active
Click to expand...
The Comodo companies use a pool of developers - to include subcontract developers. There are no full-time, fully-dedicated product developer teams at the Comodo companies. There never has been. Melih has always used floating pools of developers that work for a while (days, weeks, months, years) on a project and then he directs them to his other projects when he decides. That means pulling them away from the software which receives no further development or even maintenance. Plus Melih has always relied heavily upon temporary subcontract developers on-the-fly.

Support staff and development staff are not the same thing. A product at Comodo might or might not have a dedicated Support staff, but none of the products have what could be called a "full-time, permanently-dedicated project or software engineering team."

If, and only if, Melih publicly states "Yes. I have fully funded and assigned a permanent team of software engineers to Xcitium for as long as the software exists for permanent, consistent, ongoing development - not just maintenance." then I will believe that Xcitium has a dedicated, permanent software engineering team. Until that happens, I know it does not because I have knowledge of internal Comodo operations.

CIS/CFW started out strong. Remained OK for a few years. Then development dropped off when Melih directed his developers to other products/projects and did not renew any developer subcontracts. CIS/CFW were developed substantially by subcontract developers at various periods of time.

What was true of Comodo is true of Xcitium. Because that is how Melih manages and operates his companies and until he leaves that management style will never change.

None of this is Comodo or Xcitium bashing. It is merely statement of fact. Whether or not people think it is a good or terrible thing is for each person to decide. A lot of people think the consequences of such a model are bad - and I tend to agree. Where I disagree with them is that Melih doesn't have to do anything because the products are offered "As Is" and "Use at your own risk" whether the user paid for the software or not.

Most people have figured out that CFW/CIS are broken and moved on a long time ago. There are some who just can't get over those that still love Comodo and use it.

And I don't care who promotes Comodo and loves it. It's their systems and data, not mine. They can post 1 million promotional videos and it bothers me not one bit. Rather, I get a big kick out of the various reactions from people who disagree with such videos.
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: Pico, Trident, Behold Eck and 1 other person
well i dont have that kind of money and i switched to Xcitium i dont care about free comodo

But its true someone has to pay Comodo big big money in order so they fix complettely Comodo free and scratch it from 0

Because its a free product that has 0 dollars and comodo does not care about the bugs because they wont get money from a free product
 
Last edited by a moderator:
  • Like
Reactions: rashmi and Trident
bazang said:
They can post 1 million promotional videos and it bothers me not one bit. Rather, I get a big kick out of the various reactions from people who disagree with such videos.
Click to expand...
The reasons why these videos fire me up are several, mainly:
  • Not once or twice, on subjects that I’ve created, these people have appeared making comments like “before hopping on the Harmony bandwagon, users should know this <link to some vulnerability that was fixed in a few days after it was discovered and affects the gateways, not the software>. At the same time, these users are promoting software that we all know is vulnerable and is not getting fixed.
  • On Comodo forums, users are expressing concerns and wanna leave “the Comodo bandwagon”. The same user is attempting to “minimise” these vulnerabilities, with naive statements that “it is too convoluted”. I mean you saw them already.
So to me, it looks like this is a fight for power, “I love Comodo and everyone should use Comodo” kinda thing.
When you talk about something else and users start testing it, they can’t handle the loss of power and resort to very obvious tactics.

The same “user” at the time of me being active on the Harmony threads, took the free ZoneAlarm (which is totally different from Harmony Endpoint) and posted a video how “bad it is” because it didn’t detect custom scripts dropped directly on the desktop. Everyone knows that CP/ZoneAlarm power is in the emulation, which requires the file to be downloaded. The user argues that “it doesn’t matter where the script is”. For Harmony I had created custom policies to deal with local scripts.
The free ZoneAlarm doesn’t even use all engines, and the ones that use are very dated versions. The user knows this, they know the average user won’t know it, but they don’t bother to clarify.

But then, on a thread where Comodo issues and bypasses were documented (which I can link) the same user states “oh but it was on the desktop”.

So these double standards, twisting and turning facts whenever and however it is convenient , attempts to diminish someone’s authority (the ZoneAlarm case), attempts to desperately hold people on the “Comodo Bandwagon”, this for me is annoying, malicious and I can keep going.
And people relying on these practices are not credible.

Anyway, that’s my rant, I just wanna clarify that I got no problem with anyone liking or using whatever they want — as long as it’s their own personal choice and not a result of long-standing manipulations.
 
Last edited:
  • Hundred Points
  • Applause
  • Like
Reactions: rashmi, simmerskool and ForgottenSeer 94738
Decopi said:
I totally agree with you, no software is perfect!... but in the specific case of Comodo, when the company abandons its own software, and its own fanatics (even those who self-proclaim themselves as spokespersons for His Holiness Meli etc), proudly shout to the four winds that "the software is free and they have no obligation to fix its bug"s"... huuuummm, that’s when I think we fall into a serious issue of immorality and irresponsibility.
Click to expand...
Freeware software gets abandoned all the time.

No software publisher - not just Comodo - has any obligation to do anything unless there is a contract between the company and the client.

Nobody is being immoral. Nobody is being irresponsible. Read any software EULA which they ALL say "This software is offered 'AS IS' and 'USE AT YOUR OWN RISK'". Courts in all nations have upheld the notion that (paraphrase) "Users need to know what they are doing. When using software the responsibility is always the users - even when the user is dumb, stupid, ignorant, or just a two year old."

All I care about is what is legally required of a software company. What some people believe the social responsibility or the right thing to do is not relevant.

Next thing, you'll be calling Melih and cruelsister digital terrorists. It's ridiculous.
 
In normal software development world a new software release version is an improvement over the previous version, new features, bug fixes, more stable, etc.

But Comodo doesn't adhere to that, they just roll out a new version to display / show off pretending it's better... with more bugs.
 
  • Like
Reactions: Parkinsond
Pico said:
In normal software development world a new software release version is an improvement over the previous version, new features, bug fixes, more stable, etc.

But Comodo doesn't adhere to that, they just roll out a new version to display / show off pretending it's better... with more bugs.
Click to expand...
Comodo doesn't adhere to that because 1) the software owner doesn't want to and 2) he doesn't care. He, the owner, establishes what is the acceptable quality standard - not users, not pundits, not critics.

There is no obligation for Comodo to do anything unless there is a contract between them and a client. Comodo has no obligation to anyone. The EULA - again, which is like every other EULA - states "THIS SOFTWARE IS OFFERED AS IS" and "USE AT YOUR OWN RISK."

Complaining about Comodo since Day 1 has never accomplished anything. That's why 99.9% of people dropped it, moved on, and put Comodo out of their minds.

It should be evident to everyone that nothing is ever going to change at Comodo. I really cannot understand why people complain about it and the fanbois/fangirlz that promote it. If they love it and want to promote it, then that is their prerogative. Trying to cancel the promoters is just plain wrong. The claim of danger to unknowledgeable users is a bogus one. No one has ever proven that Comodo harmed anybody.
 
Trident said:
The reasons why these videos fire me up are several, mainly:
  • Not once or twice, on subjects that I’ve created, these people have appeared making comments like “before hopping on the Harmony bandwagon, users should know this <link to some vulnerability that was fixed in a few days after it was discovered and affects the gateways, not the software>. At the same time, these users are promoting software that we all know is vulnerable and is not getting fixed.
  • On Comodo forums, users are expressing concerns and wanna leave “the Comodo bandwagon”. The same user is attempting to “minimise” these vulnerabilities, with naive statements that “it is too convoluted”. I mean you saw them already.
So to me, it looks like this is a fight for power, “I love Comodo and everyone should use Comodo” kinda thing.
When you talk about something else and users start testing it, they can’t handle the loss of power and resort to very obvious tactics.

The same “user” at the time of me being active on the Harmony threads, took the free ZoneAlarm (which is totally different from Harmony Endpoint) and posted a video how “bad it is” because it didn’t detect custom scripts dropped directly on the desktop. Everyone knows that CP/ZoneAlarm power is in the emulation, which requires the file to be downloaded. The user argues that “it doesn’t matter where the script is”. For Harmony I had created custom policies to deal with local scripts.
The free ZoneAlarm doesn’t even use all engines, and the ones that use are very dated versions. The user knows this, they know the average user won’t know it, but they don’t bother to clarify.

But then, on a thread where Comodo issues and bypasses were documented (which I can link) the same user states “oh but it was on the desktop”.

So these double standards, twisting and turning facts whenever and however it is convenient , attempts to diminish someone’s authority (the ZoneAlarm case), attempts to desperately hold people on the “Comodo Bandwagon”, this for me is annoying, malicious and I can keep going.
And people relying on these practices are not credible.

Anyway, that’s my rant, I just wanna clarify that I got no problem with anyone liking or using whatever they want — as long as it’s their own personal choice and not a result of long-standing manipulations.
Click to expand...
I understand your points of view and perspective, but I expect fanbois/fangirlz to be highly biased. They will cherry-pick facts and ignore others. Cruelsister's position has always been something like this - "It is up to you, the viewer, to figure out what I am showing - and more importantly what I am not showing or stating. I am not an educator. I am a Comodo fangirl that promotes the product and shows how other products fail. I'm not here to explain all the facts to you about Comodo, other products, or anything else that is relevant."

And with that I've never taken the videos and commentary seriously. I spectated. I pointed out issues and flaws with the Comodo products. Those always went unanswered. I tried Comodo a few times for myself and after a while I decided it just was not for me - mostly because of bugs, the forum, and all the other things that people complain about.

Whatever the case might be, people have the right to promote their favorite software. There should be no efforts to cancel them or to push them off any platform.
 
  • Hundred Points
  • Like
Reactions: simmerskool, Pico, ForgottenSeer 123960 and 1 other person
bazang said:
There should be no efforts to cancel them or to push them off any platform.
Click to expand...
I am not trying to push off anyone from any platform, it's a response and mitigation.
bazang said:
Whatever the case might be, people have the right to promote their favorite software
Click to expand...
Yep, question is how you promote it. You can promote it with solid facts and evidence, and without being hungry for "power" and trying to enforce/enroll your opinion on everyone at all cost.
It's just like marketing - Head and Shoulders makes all sorts of claims. But when they start making claims like "better than..." "best...", "100%" and so on, there is a lawsuit. And then there are more carefully chosen claims, typically with added * to them.

You can't just go around, and do/say whatever you wanna say.

Not when you want to "promote".
 
Trident said:
It's just like marketing - Head and Shoulders makes all sorts of claims. But when they start making claims like "better than..." "best...", "100%" and so on, there is a lawsuit. And then there are more carefully chosen claims, typically with added * to them.

You can't just go around, and do/say whatever you wanna say.

Not when you want to "promote".
Click to expand...
I understand and respect your position, but as far as I know Cruelsister never violated any MalwareTips Terms of Service with her videos and posts.

As a biased promoter, I expected her behaviors. And since she is not working for Comodo, she is not bound by any advertising or promotion regulations or rules. There's not anything that she has done that is illegal.

I do not think you were trying to cancel her or push her off MT, but others certainly were making those efforts.

To me, it doesn't matter if she's here or not, how and what she does and does not do. She's always had an annoying element to her videos and comments at times and I just ignored it. I know others will disagree, but that is the wonderful thing about it all - everybody can have their own opinions and perspectives. Where I take issue is with Decopi always calling Cruelsister, me, and others "immoral" because none of us are. MT staff let's him get away with it, and it is wrong but at the end of the day there's nothing that can be done about it. So when he rage posts, I respond like a broken record.

It's the same as Cruelsister's tactic. If someone says something she doesn't like about Comodo, one can expect her to make "response" videos.
 
  • Like
Reactions: simmerskool and Trident
bazang said:
It's the same as Cruelsister's tactic. If someone says something she doesn't like about Comodo, one can expect her to make "response" videos
Click to expand...
I don't know.... it feels kinda low this tactic, not sure how to explain. Like we are running a high school popularity thing or something. You are getting popular so let me spill a bucket now on you, so I can be popular again...

I understand that it's all within the rules of the forum.
 
  • Like
Reactions: simmerskool
Trident said:
I don't know.... it feels kinda low this tactic, not sure how to explain. Like we are running a high school popularity thing or something. You are getting popular so let me spill a bucket now on you, so I can be popular again...
Click to expand...
I think that is how fanbois/fangirlz operate, or at least many of them.

From self-esteem to other stuff - that's all Freudian and Jungian territory - but those types don't call the therapist. They just keep doing what it is that they do.

Same crap went on for years at KernelMode until it got so bad that activity dropped off to nothing. To be honest, there weren't enough people who could skillfully perform manual malware analysis that were willing to participate actively from the beginning, but "power" struggles on that forum were a thing. People asserting they were right and everybody else was wrong; their way was the only correct way. It reached vicious levels.

That behavior is rampant on forums from security to stock market to gamer forums. It is crazy in the gamer world. People like SpyNetGirl have to put in their profile across the internet that "Fortnite Sucks!" Like, WTF?

I am not saying in any way that you are wrong. I get it. Tit-for-tat on security forums is a thing, particularly when a person is closed to other ways or options.
 
  • Like
  • Hundred Points
Reactions: simmerskool and Trident
@Trident

I also want to point out that people in the know here did sometimes ask Cruelsister pertinent questions about her demonstrations and the vast majority of those went unanswered. I never interpreted the questions as undermining her, Comodo, or the video but by not providing a detailed response I am going to assume that she did see them as a means to discredit or undermine her, Comodo, and/or the video.
 
  • Like
  • +Reputation
Reactions: Pico and Trident
bazang said:
I understand and respect your position, but as far as I know Cruelsister never violated any MalwareTips Terms of Service with her videos and posts.
Click to expand...

That is right.
I never had problems with her videos and posts, even if we disagreed. Her posts are usually kind and respectful (more often than my own). :)
 
  • Like
  • +Reputation
  • Applause
Reactions: Vitali Ortzi, Behold Eck, simmerskool and 1 other person
Status
Not open for further replies.

You may also like...