Bad Advice from Comodo and Loss of Trust

George Orwell

May 31st, 2008 by Corrine

How does a security vendor lose trust? It likely begins when the
company CEO becomes overly defensive and posts rants such the one at
the end of this post:

"You know what pisses me off the most: Its ill-informing, mis-
informing doing a disservice to users, because of our own agendas!!!! I
have no problem with people liking or disliking what we have, we
respect opinions, however people in the position to make a difference,
abusing the trust that users have bestowed upon them by ill-informing
is just plain wrong!!!"

Please pay particular attention to the words in bold in the above
quotation while you consider the explanation on the Comodo website for
providing a free firewall:

"You must be wondering - how can we stay in business by giving away
high quality solutions that all other software vendors sell. Simply,
Comodo's main revenue comes from authenticating web business with SSL
certificates (e.g. we put the padlock on websites)."

Apparently that source of revenue must not be as lucrative as one might
expect since Comodo has found it necessary to add to their revenue base
by including the IAC/Ask Toolbar to the most recent version of the
firewall.

Circling back to the subject of a vendor losing trust and considering
the above text in bold, it seems that Comodo is indeed abusing trust
when, in defense of including a toolbar provided by a known adware
vendor, they are suggesting that users turn off their antivirus
software!

NOTE: This "Toolbar" is being detected by various Anti-virus
software as Adware/Malware *THIS IS A FALSE POSTIVE!!!*, There is NO
Adware, Spyware etc in this Toolbar WHAT SO EVER. If you are having
problems installing the Toolbar, turn off your AV if this is the case.

Indeed, Comodo is ill-forming, mis-informing and providing a major
disservice to users. As illustrated at Calendar of Updates, when the
Comodo toolbar was installed and the toolbar .dll scanned at virustotal
and virusscan.jotti, the following were the results:

ASKSBAR.DLL
MD5…: ccc67b6b51bf3b004c6186c2da2faa2e

A-Squared Found Adware.Win32.MySearch.i
ArcaVir Found Adware.Mysearch.I
CAT-QuickHeal 9.50 2008.05.29 AdWare.MySearch.i (Not a Virus)
ClamAV 0.92.1 2008.05.29 Adware.Mysearch-1
Fortinet 3.14.0.0 2008.05.29 Adware/MySearch
Panda 9.0.0.4 2008.05.29 Suspicious file
Sunbelt 3.0.1139.1 2008.05.29 AdWare.Win32.MySearch.i
VBA32 3.12.6.6 2008.05.29 AdWare.Win32.MySearch.i

Everyone must decide for themselves. Personally, any vendor that not
only condones but recommends turning off users antivirus software and
intentionally includes known adware in their software is not one that I
trust.

The full text of Comodo's ill-informing advice which is not only doing
a disservice to users, but is also an abuse of trust has been preserved
at Info: COMODO SafeSurf Toolbar.

More here:


Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info

David H. Lipman

From: "George Orwell" <>

|
|
| May 31st, 2008 by Corrine
|
| How does a security vendor lose trust? It likely begins when the
| company CEO becomes overly defensive and posts rants such the one at
| the end of this post:
|
| "You know what pisses me off the most: Its ill-informing, mis-
| informing doing a disservice to users, because of our own agendas!!!! I
| have no problem with people liking or disliking what we have, we
| respect opinions, however people in the position to make a difference,
| abusing the trust that users have bestowed upon them by ill-informing
| is just plain wrong!!!"
|
| Please pay particular attention to the words in bold in the above
| quotation while you consider the explanation on the Comodo website for
| providing a free firewall:
|
| "You must be wondering - how can we stay in business by giving away
| high quality solutions that all other software vendors sell. Simply,
| Comodo's main revenue comes from authenticating web business with SSL
| certificates (e.g. we put the padlock on websites)."
|
| Apparently that source of revenue must not be as lucrative as one might
| expect since Comodo has found it necessary to add to their revenue base
| by including the IAC/Ask Toolbar to the most recent version of the
| firewall.
|
| Circling back to the subject of a vendor losing trust and considering
| the above text in bold, it seems that Comodo is indeed abusing trust
| when, in defense of including a toolbar provided by a known adware
| vendor, they are suggesting that users turn off their antivirus
| software!
|
| NOTE: This "Toolbar" is being detected by various Anti-virus
| software as Adware/Malware *THIS IS A FALSE POSTIVE!!!*, There is NO
| Adware, Spyware etc in this Toolbar WHAT SO EVER. If you are having
| problems installing the Toolbar, turn off your AV if this is the case.
|
| Indeed, Comodo is ill-forming, mis-informing and providing a major
| disservice to users. As illustrated at Calendar of Updates, when the
| Comodo toolbar was installed and the toolbar .dll scanned at virustotal
| and virusscan.jotti, the following were the results:
|
| ASKSBAR.DLL
| MD5…: ccc67b6b51bf3b004c6186c2da2faa2e
|
| A-Squared Found Adware.Win32.MySearch.i
| ArcaVir Found Adware.Mysearch.I
| CAT-QuickHeal 9.50 2008.05.29 AdWare.MySearch.i (Not a Virus)
| ClamAV 0.92.1 2008.05.29 Adware.Mysearch-1
| Fortinet 3.14.0.0 2008.05.29 Adware/MySearch
| Panda 9.0.0.4 2008.05.29 Suspicious file
| Sunbelt 3.0.1139.1 2008.05.29 AdWare.Win32.MySearch.i
| VBA32 3.12.6.6 2008.05.29 AdWare.Win32.MySearch.i
|
| Everyone must decide for themselves. Personally, any vendor that not
| only condones but recommends turning off users antivirus software and
| intentionally includes known adware in their software is not one that I
| trust.
|
| The full text of Comodo's ill-informing advice which is not only doing
| a disservice to users, but is also an abuse of trust has been preserved
| at Info: COMODO SafeSurf Toolbar.
|
| More here:
|


To add to the abobe complaint...

Comodo has been well known to provide software publishing certificates to malware authors
such as the WinFixer Group (Amaena.com). While the do revoke the certificates when
notified, they provide publishing certificates w/o vetting the company. Having malware have
a legitimate software publishing certificate is one way to thwart the security in Windows
Vista.


--
Dave

Multi-AV -

Shane

Hi Dave,


Excuse the top posting here - it's like I only really grow my hair long to
piss off the ones who make snide remarks about it.

Re Comodo. About three quarters of a year ago now I got in touch with
Microsoft Security over a possible exploit I found in XP in Windows
Explorer, whereby it would crash the moment you clicked on a certain kind of
file (the hope was to have it rectified in SP3 but M$ showed no real
interest in it without an actual exploit to hand them on a plate - I was
going to publish the code that exposed the weakness, here, but then I saw
how dire this group had become and dropped it).

Basically one particular third party program used some native XP code that
referenced a file that didn't exist. With this program installed, clicking
on a certain type of file would trigger the crash. I found this when testing
password managers, one of which came from Comodo.

When I took a closer look at the Comodo software I found that the
Installshield installer was actually a Winzip Self-Extractor installer
containing an Installshield icon to make it look like an Installshield job.
Now, no-one I told about this expressed any kind of moral indignation
whatsoever, but I don't see any way of looking at it that makes it look
trivial. Given that Comodo are widely touted to be a highly respectable
security software company. So, what, they couldn't afford to renew their
Installshield licence? They're not sufficiently clued on security to realise
someone will discover the deception?

Then again almost nobody seems to care that Lavasoft changed the name of
their software in order to get out of their previous commitment to provide
free updates for the life of the registered customer (I suppose L$ are
hoping to be absorbed by Symantec).

Anyway, I trust it's hanging fortuitously?


Shane




David H. Lipman wrote:
> From: "George Orwell" <>
>
>>
>>
>> May 31st, 2008 by Corrine
>>
>> How does a security vendor lose trust? It likely begins when the
>> company CEO becomes overly defensive and posts rants such the one at
>> the end of this post:
>>
>> "You know what pisses me off the most: Its ill-informing, mis-
>> informing doing a disservice to users, because of our own
>> agendas!!!! I have no problem with people liking or disliking what
>> we have, we respect opinions, however people in the position to make
>> a difference, abusing the trust that users have bestowed upon them
>> by ill-informing is just plain wrong!!!"
>>
>> Please pay particular attention to the words in bold in the above
>> quotation while you consider the explanation on the Comodo website
>> for providing a free firewall:
>>
>> "You must be wondering - how can we stay in business by giving
>> away high quality solutions that all other software vendors sell.
>> Simply, Comodo's main revenue comes from authenticating web business
>> with SSL certificates (e.g. we put the padlock on websites)."
>>
>> Apparently that source of revenue must not be as lucrative as one
>> might expect since Comodo has found it necessary to add to their
>> revenue base by including the IAC/Ask Toolbar to the most recent
>> version of the firewall.
>>
>> Circling back to the subject of a vendor losing trust and considering
>> the above text in bold, it seems that Comodo is indeed abusing trust
>> when, in defense of including a toolbar provided by a known adware
>> vendor, they are suggesting that users turn off their antivirus
>> software!
>>
>> NOTE: This "Toolbar" is being detected by various Anti-virus
>> software as Adware/Malware *THIS IS A FALSE POSTIVE!!!*, There is NO
>> Adware, Spyware etc in this Toolbar WHAT SO EVER. If you are having
>> problems installing the Toolbar, turn off your AV if this is the
>> case.
>>
>> Indeed, Comodo is ill-forming, mis-informing and providing a major
>> disservice to users. As illustrated at Calendar of Updates, when the
>> Comodo toolbar was installed and the toolbar .dll scanned at
>> virustotal and virusscan.jotti, the following were the results:
>>
>> ASKSBAR.DLL
>> MD5.: ccc67b6b51bf3b004c6186c2da2faa2e
>>
>> A-Squared Found Adware.Win32.MySearch.i
>> ArcaVir Found Adware.Mysearch.I
>> CAT-QuickHeal 9.50 2008.05.29 AdWare.MySearch.i (Not a Virus)
>> ClamAV 0.92.1 2008.05.29 Adware.Mysearch-1
>> Fortinet 3.14.0.0 2008.05.29 Adware/MySearch
>> Panda 9.0.0.4 2008.05.29 Suspicious file
>> Sunbelt 3.0.1139.1 2008.05.29 AdWare.Win32.MySearch.i
>> VBA32 3.12.6.6 2008.05.29 AdWare.Win32.MySearch.i
>>
>> Everyone must decide for themselves. Personally, any vendor that not
>> only condones but recommends turning off users antivirus software and
>> intentionally includes known adware in their software is not one
>> that I trust.
>>
>> The full text of Comodo's ill-informing advice which is not only
>> doing a disservice to users, but is also an abuse of trust has been
>> preserved at Info: COMODO SafeSurf Toolbar.
>>
>> More here:
>>
>>
>
>
> To add to the abobe complaint...
>
> Comodo has been well known to provide software publishing
> certificates to malware authors such as the WinFixer Group
> (Amaena.com). While the do revoke the certificates when notified,
> they provide publishing certificates w/o vetting the company. Having
> malware have a legitimate software publishing certificate is one way
> to thwart the security in Windows Vista.