Who people continue use comodo is way beyond my understanding when there are more overall effective products?? Rhetorical question!
Three Unpatched Vulnerabilities Plague Comodo. Documented Online.
- Thread starter Trident
- Start date
- Status
bazang:
Comodo's, or rather Melih's, approach is different, which is important to understand. It's not about searching for intruders who are already "in the house." Comodo doesn't search for burglars; it prevents them from entering in the first place. In the former case, holes must first be reported and then plugged, whereas in the latter case, there are no holes at all, which also prompts faster responses from the software. Compare this: My house already has outdoor lights, outdoor detectors/alarm systems, and cameras, all of which are activated before the burglar can even break in, rather than everything being installed inside: "Aha, there's someone who doesn't belong in, and then the search begins to find where they are in order to neutralize them." But some others are already using this proactive defense in addition.
Last edited:
The reason is simple. They believe that Comodo tweaked is most effective for them. There is no proof that they are wrong (the opposite is also true). Comodo Internet Security has some non-default strong settings.
A few MT members (including me) presented some weak points in Comodo's protection, but there is no evidence that attackers exploited Comodo in the wild. I can bypass Comodo without a problem, but this is hardly possible when the attacker does not know which AV is installed.
All this can work because the attackers do not expect the presence of Comodo (not a popular AV). Almost all attacks are focused on bypassing protection layers used by other AVs (unrelated to auto-containment). The problem can arise in targeted attacks on businesses.
Some tests indicate that Comodo's protection on default settings is not optimal, but these tests are typically related to Comodo AV rather than CIS.
CIS tweaked has more protective power. Furthermore, almost all tests fail to properly show the protection against a few-hour malware, where the auto-containment feature is advantageous over advanced heuristics and behavior-based detections adopted by popular AVs.
Shortly, the AV tests most probably decrease the in-the-wild protection scores of products based on auto-containment and slow signatures.
Last edited:
I think that's an objective assessment.
And I'll add: Since I started using Comodo, I haven't had any problems with it. It was recommended to me by a cybersecurity professional who still works for a purely systems-based company that serves a wide range of people and businesses. I don't know if he used Comodo at work. Does he at least still use it privately? I don't know.
So why should I replace it now? I don't have many of the problems some people are raising in the Comodo forum, most of them. I was really confused.
But the fact that CVE isn't a specific problem for Comodo, which I always assumed, has reassured me, and @cruelsister was right. I should have listened to her in the first place.
And I'll add: Since I started using Comodo, I haven't had any problems with it. It was recommended to me by a cybersecurity professional who still works for a purely systems-based company that serves a wide range of people and businesses. I don't know if he used Comodo at work. Does he at least still use it privately? I don't know.
So why should I replace it now? I don't have many of the problems some people are raising in the Comodo forum, most of them. I was really confused.
But the fact that CVE isn't a specific problem for Comodo, which I always assumed, has reassured me, and @cruelsister was right. I should have listened to her in the first place.
Last edited:
F
ForgottenSeer 114717
Isn't that wonderful? Melih pulls away from some other project 1 developer and have them work for 20 minutes during 1 day of each work week for 5 business days on CIS 2026.
And voila! CIS with new skins. All old, unfixed bugs shall remain. Reported vulnerabilities not fixed.
Rinse. Repeat. CIS 2030, 2035, 2040,...
Wuh? Did you expect anything else?
Keep in mind that Melih is only 57 years old and has another 30+ years of controlling Comodo remaining.
Future opportunities to complain about Comodo shall be many.
F
ForgottenSeer 114717
This is why Melih created Comodo, and a big reason why he does not care about most bugs and vulnerabilities. To most criticisms he is going to reply "Despite the bugs and vulnerabilities, Comodo still protects users and their data better than the vast majority of security software!"
Comodo was created for ideological reasons. Melih believes "Signatures are stupid. Auto-containment is smart. And the AV industry has been misleading the world for decades and all of you out there have been duped into believing their lies."
Stated another way, the software owner is not very interested in bugs and other problems, nor complaints. His agenda is to wage his ongoing ideological battle with the entire AV industry using a buggy, vulnerable solution as the instrument to prove his statements about the AV industry are correct.
A more current way of phrasing these facts is "Melih created and maintains CFW/CIS to troll the AV industry."
F
ForgottenSeer 114717
Nobody at Comodo ever acknowledged that "There are more than 150 dangerous unfixed bugs." You are deliberately calling the bugs "dangerous" because you dislike Comodo. I know for a fact that nobody at Comodo ever stated "The more than 150 unfixed bugs are dangerous" or labeled them "dangerous," because the truth is, while some might rise to "serious" with regards to usability, only a few of them can be considered "dangerous."
The software owner, Melih, is OK with all of the bugs and will NEVER fix them.
Some people out there will continue to use Comodo despite the bugs.
Last edited by a moderator:
Forums are full of fans and anti-fans. Both usually have some good points, but cannot be taken seriously.
I think that none of MT members who posted in this thread would recommend Comodo (with a clear conscience) to average users.
It can be useful for users who already use Comodo, have used it in the past, and still like it. There is no evidence that they are wrong.
However, Comodo users should realize the limitations of Comodo and the available alternatives.
Attempts to discourage Comodo users or encourage other AV users to start using Comodo are equally unjustified.
It is better to simply present facts and be careful with personal opinions.
I think that none of MT members who posted in this thread would recommend Comodo (with a clear conscience) to average users.
It can be useful for users who already use Comodo, have used it in the past, and still like it. There is no evidence that they are wrong.
However, Comodo users should realize the limitations of Comodo and the available alternatives.
Attempts to discourage Comodo users or encourage other AV users to start using Comodo are equally unjustified.
It is better to simply present facts and be careful with personal opinions.
F
ForgottenSeer 114717
There is only one person here at MT, for sure, that vehemently disagrees.
F
ForgottenSeer 123960
Very true, a user got banned on Comodo forum recently because of his criticism on the same standard neverending repeated Comodo Staff feedback like "we are working on it".
Does anyone still believe “we are working on it”… I mean if they were working on it, certainly at one point this work would have been finished.
When people don't believe in what is being said over and over again, criticism may appear.....
Decopi:
Your language, your labeling of other users (think of your previous posts), are already beyond decency and border on the justiciable line, if it hasn't already been crossed. Such hate rants, defamation—something's not right.
What you wrote is, of course, completely new.
And honestly, I've never experienced anything like this in any forum before. Users have been banned for minor violations of netiquette. Those people aren't serious debaters.
Suggestion: Take your time to read Andy Ful's post #294 and learn from it.
I have nothing more to say about your posts.
A last word:
I've reread some of your older posts (apart from the outages), and what I mainly read:
Comodo is full of bugs
Many bugs not fixed
Many, many bugs
Hopefully you'll notice something!
Have you ever looked in the mirror, or don't you?
Your language, your labeling of other users (think of your previous posts), are already beyond decency and border on the justiciable line, if it hasn't already been crossed. Such hate rants, defamation—something's not right.
What you wrote is, of course, completely new.
And honestly, I've never experienced anything like this in any forum before. Users have been banned for minor violations of netiquette. Those people aren't serious debaters.
Suggestion: Take your time to read Andy Ful's post #294 and learn from it.
I have nothing more to say about your posts.
A last word:
I've reread some of your older posts (apart from the outages), and what I mainly read:
Comodo is full of bugs
Many bugs not fixed
Many, many bugs
Hopefully you'll notice something!
Last edited:
F
ForgottenSeer 114717
Their meaning of "we are working on it..." is not what everybody else thinks it means - or should mean.
Comodo's forum. It can do what it wants on its own forum regardless of what anyone thinks Their house. Their rules.
I don't care what people think is socially, morally, or ethically responsible or irresponsible. I am only interested in what is legal. What Comodo does on its forum is legal.
I've grown quite fond of him—the ultimate time-passing toy... like your very own LLM (Lunatic Language Model), a single prompt resulting in an abundance of gibberish... My Lunatic!
@rashmi I think I'll hack those five people who use Comodo, now that the CVE has been disclosed and the POC has become a piece of cake, and they are users of "GREAT" value. 
- Status
You may also like...
-
Windows Active Directory Vulnerability Allows Attackers to Execute Malicious Code- Started by Brownie2019
- Replies: 1
-
Critical Windows Admin Center Vulnerability Allows Privilege Escalation- Started by Parkinsond
- Replies: 4
-
AVideo Platform Vulnerability Allows Hackers to Hijack Streams via Zero-Click Command Injection
- Started by Brownie2019
- Replies: 1
-
TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data
- Started by Brownie2019
- Replies: 1
