Discussion:
Comodo is SPYWARE
(too old to reply)
Jeremy Bentham
2016-05-18 00:33:58 UTC
Permalink
Raw Message
http://dottech.org/10032/paying-a-price-to-use-free-software-the-dark-side-of-comodo-products/
or
http://tinyurl.com/hm2g77s

Paying a price to use free software: the dark side of Comodo products
By Ashraf - September 23, 2009 - 88 Comments

image: Loading Image... Email article |
Print article

image: http://dt.azadicdn.com/wp-
content/themes/dt/images/printer_famfamfam.gif?2724

Comodo is a popular name in the software business. Comodo provides
multiple free, and excellent, products for home users including, but
not limited to, the award winning Comodo Firewall (now bundled with
Comodo Internet Security). Comodo has also recently become a big name
in multiple front-page controversies including the issuance of its SSL
security certificates to known malware distributors/scam websites and
a row with Softpedia over the inclusion of a third party toolbar in
their software. For those that don’t know I will do a quick recap for
you:

Comodo has been caught selling its popular SSL certificate to malware
distributors/scan websites. Now in Comodo’s defense, whenever a
malware distributor/scan website which has Comodo’s certificate is
brought to their attention, they remove it; furthermore the purpose of
the SSL certificate, technically, is not to verify the contents of the
website but rather to verify how secure it is to buy from (the irony).
However the question of why Comodo is repeatedly selling the
certificates to known malware distributors/scam websites (there have
been cases where a website with the same exact layout, interface, and
“product” except different name has been issued a certificate even
though their earlier one was revoked) is still a significant one and
still an on going issue. Softpedia, once upon a time, labeled Comodo
Internet Security as “malware” because CIS included SafeSurf, an
optional third party toolbar considered to be malware by Softpedia. Of
course Comodo did not like that, so they tried to get Softpedia to
remove the label. Softpedia, standing by their high standards,
refused. So in the end the result was (is) Comodo Internet Security
was (is) removed from Softpedia’s download database.

Whatever side you are on for the above two issues, this post is not to
discuss them; that is for another time. I am creating this post to
address another (potentially more important) issue with Comodo
products.

Today as I was checking my e-mail, I got an e-mail from a dotTechie
informing me of the fact Comodo Backup, a free backup solution
provided by Comodo, was recently updated to v2 with major changes and
I should check it out (yes – I do read the e-mails I am sent even if I
forget to reply… surprise, surprise). So, naturally, I was intrigued
and went to download Comodo Backup. While installing Comodo Backup I
glanced over its EULA (End User License Agreement) and was shocked by
what I saw:

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_1520592-300x232.jpg?2724 2009-09-23_1520592

I am not legal mind, but to me this says if you install Comodo Backup,
Comodo will collect data from your computer such as how you use Comodo
Backup. Not only will Comodo collect data, but the data can
potentially be personally identifiable: Comodo won’t disclose the data
to a third party in a manner which will personally identify you but
that means if they are taking a deliberate and conscious action to
make sure the data is not personally identifiable when being passed on
to a third party, the data is personally identifiable when Comodo
themselves have it. Am I understanding it properly or am I being
paranoid?

Now it is not just Comodo wanting to collect data from you while you
use their software. Many software developers ask you if you want to
send anonymous usage statistics to the developer while using their
program; however you can always opt out if you do not want to. I
looked up, down, left, right, in, and out – no where in Comodo Backup
did I see an option to opt out of sending data to Comodo. At best I
found an option under settings named “Enable log” which a user can
check or uncheck; however there is no clear indication if this “log”
refers to the data collection done by Comodo or a different program
function. Shame on you Comodo; not only are you collecting
questionable data but the user has no clear way to opt out if they
find this action less than desirable (bar blocking the program with
Firewall of course and/or not installing the program in the first
place).

After I got done with Comodo Backup, I was curious to see if other
Comodo software do the same thing as Comodo Backup. I found indeed
there are other perpetrators which do the exact same thing…

Comodo System Cleaner

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_1539012-300x232.jpg?2724 2009-09-23_1539012

Comodo SecureEmail

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_1550132-300x259.jpg?2724 2009-09-23_1550132

…and other Comodo software which do something similar except
explicitly state the information collected will be non-personally
identifiable:

Comodo EasyVPN

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_1547512-300x233.jpg?2724 2009-09-23_1547512

Comodo Internet Security

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_2201103-300x258.jpg?2724 2009-09-23_2201103

CIS is the bundle which contains Comodo Firewall, AntiVirus, and
AntiMalware solutions.

Since EULAs are long, and Comodo did not exactly help by not properly
formatting some of the EULAs for some of their software, I may have
missed a software or two which act in the same way as Comodo Backup;
so if you find another Comodo product which collects data (personally
identifiable or not) without an ethical and clear declaration and a
user opt-out, please post below and I will be sure to update this
post.

Furthermore, I visited the privacy policy link you see provided in
CIS’s EULA. The description on how user personal data is used is vague
at best:

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_220032-300x166.jpg?2724 2009-09-23_220032

So who exactly are Comodo’s affiliates and what are their privacy
policies? Farther down the page Comodo does state more explicitly its
partners and affiliates have “similar” privacy policies…

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_221419-300x42.jpg?2724 2009-09-23_221419

…but I am not really impressed in the first place by Comodo so I don’t
know what to think.

To make matters even more confusing, it turns out there is another
privacy policy currently linked to Comodo’s website (this one was last
updated in July as opposed to April for the other one). This one is a
little bit more definitive about exactly what Comodo does:

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_2205001-300x213.jpg?2724 2009-09-23_220500

image: http://dt.azadicdn.com/wp-content/uploads/2009/09/2009-09-
23_221724-300x139.jpg?2724 2009-09-23_221724

Of course Comodo states the affiliates and/or partners have “similar
privacy standards” but I am not particularly impressed by Comodo’s
“standards” when it collects data related to its programs without
obvious user consent and/or clear opt-out option.

So what do you guys think. Am I being a daft, paranoid idiot or is
Comodo pulling a fast one over all of us? Please, dotTechies, lawyers,
Comodo reps, and everyone else: post your thoughts below. As it
stands, I don’t know about everyone else, but Comodo has lost at least
one potential customer: me.

***Update***

Let me make this clear: If potential data collection is not a concern
for you, by all means use Comodo products (I have stated time and time
again, at face value, Comodo programs are great). However me, and many
others, deplore this practice of data collection without clear
notification and/or opt-out option and will probably never use Comodo
products again.

Read more at http://dottech.org/10032/paying-a-price-to-use-free-
software-the-dark-side-of-comodo-products/#e2VwEBfcz5xdkvIv.99
FredW
2016-05-18 18:29:51 UTC
Permalink
Raw Message
On Wed, 18 May 2016 02:33:58 +0200 (CEST), Jeremy Bentham
Post by Jeremy Bentham
http://dottech.org/10032/paying-a-price-to-use-free-software-the-dark-side-of-comodo-products/
or
http://tinyurl.com/hm2g77s
Paying a price to use free software: the dark side of Comodo products
By Ashraf - September 23, 2009
So, after six and a half year you finally, finally found this article?

We live no longer in 2009 but in 2016.

(must be some googlegrouper stumbling over something)
--
Fred W. (NLD)
m***@nowhere.com
2016-05-18 21:53:40 UTC
Permalink
Raw Message
Post by FredW
On Wed, 18 May 2016 02:33:58 +0200 (CEST), Jeremy Bentham
Post by Jeremy Bentham
http://dottech.org/10032/paying-a-price-to-use-free-software-the-dark-side-of-comodo-products/
or
http://tinyurl.com/hm2g77s
Paying a price to use free software: the dark side of Comodo products
By Ashraf - September 23, 2009
So, after six and a half year you finally, finally found this article?
We live no longer in 2009 but in 2016.
(must be some googlegrouper stumbling over something)
Don't you just love these know-it-all jerks who think that everyone
gave a damn about this subject before and had this knowledge?
And, of course, there are NEVER newbies in this group who know
little or nothing about anything to do with the Web.

There are people out there who bought a computer a few years back,
which came with virus protection installed, but these people didn't
have a clue that it had to be updated every day.

If you don't have something useful to say, STFU, you arrogant
a-wipe.
Diesel
2016-07-01 21:56:36 UTC
Permalink
Raw Message
Post by m***@nowhere.com
Don't you just love these know-it-all jerks who think that
everyone gave a damn about this subject before and had this
knowledge? And, of course, there are NEVER newbies in this group
who know little or nothing about anything to do with the Web.
A computer isn't a toaster oven. If you bought it and expected to
use/abuse it like one, you only have yourself to blame when things go
wrong. Nothing arrogant about the statement, just factual.
I do realize some people can't tell the difference and prefer to
wallow in ignorance, but, that's stupidity for you. Long live the
sheeple!
Post by m***@nowhere.com
There are people out there who bought a computer a few years back,
which came with virus protection installed, but these people
didn't have a clue that it had to be updated every day.
I call horse shit. I haven't seen any Windows based AV/AM software
that doesn't complain it's database(s) are out of date and a newer
version is available. Those people continued clicking the go away
button. Not allowing it to get the updates it continued bugging them
about.
Post by m***@nowhere.com
If you don't have something useful to say, STFU, you arrogant
a-wipe.
Okay.

How about this then...

When you buy a computer, Before going online, read and familiarize
yourself with ALL available documentation that shipped with it. Don't
ignore things and quickly dismiss "An update is available. Can I get
it?" messages. The inconvenience to you to get the update and the
popup window pales by comparison to what happens when you make the
decision to ignore the advice.

It's not arrogance to properly use a machine and instruct others in
the same. it's not being an asswipe telling someone they need to stop
treating the computer like a toaster oven. These same people are
likely the ones who never bother to clean said oven and wonder how
the fire started, sometime later. IE: they have no business owning a
computer.

I understand that most people don't know anything about the computer
they bought. Nothing is preventing them from learning about it
though. Stupidity shouldn't be rewarded as it so often is these days.
--
MID: <nb7u27$crn$***@boaterdave.dont-email.me>
Hmmm. I most certainly don't understand how I can access a copy of a
zip file but then not be able to unzip it so I can watch it. That
seems VERY clever!
http://al.howardknight.net/msgid.cgi?ID=145716711400
maury
2016-07-02 01:33:54 UTC
Permalink
Raw Message
Post by Diesel
Post by m***@nowhere.com
Don't you just love these know-it-all jerks who think that
everyone gave a damn about this subject before and had this
knowledge? And, of course, there are NEVER newbies in this group
who know little or nothing about anything to do with the Web.
A computer isn't a toaster oven. If you bought it and expected to
use/abuse it like one, you only have yourself to blame when things go
wrong. Nothing arrogant about the statement, just factual.
I do realize some people can't tell the difference and prefer to
wallow in ignorance, but, that's stupidity for you. Long live the
sheeple!
Post by m***@nowhere.com
There are people out there who bought a computer a few years back,
which came with virus protection installed, but these people
didn't have a clue that it had to be updated every day.
I call horse shit. I haven't seen any Windows based AV/AM software
that doesn't complain it's database(s) are out of date and a newer
version is available. Those people continued clicking the go away
button. Not allowing it to get the updates it continued bugging them
about.
Horse shit?

Clicking the go away button?

Kaspersky has a setting wherein it does NOT inform you of updates.

My present AV:
Kaspersky version: 14.0.0.4651(I)
License: For 3 computers for 365 days
Activation date: 10/19/2015
Expiration date: 10/18/2016

Menu:
Settings/Additional/Update settings

1. Download and install updates automatically

2. Prompt for permission to install before downloading updates

3. Do not download updates automatically and do not notify when
updates and new versions are available (not recommended)
------

I'm not even going to bother taking the rest of your angry shit post
apart because it would do no good. You're an angry shit-for-brains
moron who only uses Usenet to get rid of your constant, unending
anger. Go beat on your wife, boss, kids or family dog who are the
real reason for your anger and stay the F***K off Usenet.
Diesel
2016-07-02 02:50:10 UTC
Permalink
Raw Message
Post by maury
Post by Diesel
Post by m***@nowhere.com
Don't you just love these know-it-all jerks who think that
everyone gave a damn about this subject before and had this
knowledge? And, of course, there are NEVER newbies in this group
who know little or nothing about anything to do with the Web.
A computer isn't a toaster oven. If you bought it and expected to
use/abuse it like one, you only have yourself to blame when things
go wrong. Nothing arrogant about the statement, just factual.
I do realize some people can't tell the difference and prefer to
wallow in ignorance, but, that's stupidity for you. Long live the
sheeple!
Post by m***@nowhere.com
There are people out there who bought a computer a few years
back, which came with virus protection installed, but these
people didn't have a clue that it had to be updated every day.
I call horse shit. I haven't seen any Windows based AV/AM software
that doesn't complain it's database(s) are out of date and a newer
version is available. Those people continued clicking the go away
button. Not allowing it to get the updates it continued bugging
them about.
Horse shit?
Clicking the go away button?
Kaspersky has a setting wherein it does NOT inform you of updates.
Yes.. However, that isn't the default setting. If you're capable of
changing that setting, you understand (or should!) the risks
associated with it and the new found responsibility you have assigned
yourself; keep it updated. It's only as good as the last definitions
update.

If the computer was provided to you with that setting enabled, as a
new found computer owner, it's your responsibility to learn how to
properly care for it. Almost all newbie welcome to computer articles
these days HIGHLY suggests running an Antivirus. Some even go so far
as to help you identify which one you might already be running AND
how to update it. I'm making no effort to come across as a know it
all or wiseass towards you or anyone else. I'm just blunt.
Post by maury
Kaspersky version: 14.0.0.4651(I)
License: For 3 computers for 365 days
Activation date: 10/19/2015
Expiration date: 10/18/2016
Kind of you not only to use the product, but, show your support for
the hard work the people behind it put into it. I know from
experience (more on that below) what sort of time is really put into
it.
Post by maury
I'm not even going to bother taking the rest of your angry shit
post apart because it would do no good. You're an angry
shit-for-brains moron who only uses Usenet to get rid of your
constant, unending anger.
LARF! Maury, didn't anyone ever teach you that when you need to
resort to personal attacks (even your lame ones) you've already lost
the argument? I do welcome an intelligent discussion concerning what
I've written, if you're interested in providing one. If you disagree
with one or more things I've written, other than kaspersky being on
non default settings, feel free to comment. I'll try to answer any
questions/concerns you may have concerning anything I've written.

As far as your smart ass shit for brains comment... umm...

Not to be a braggart or anything, but, you did call me a shit for
brains moron...

I'm the author of a program known as BugHunter on this page:
http://www.completelyfreesoftware.com/du1_w31.html

Do you see how many award icons it has? That's the max possible.
You can checkout the review itself, too, if you'd like. It was rated
a must have for all PC users.

That program interested a company you might have heard about,
Malwarebytes Corporation? in me. Enough to recruit me. I worked for
them for a little over two years as an Expert Malware Researcher. By
recruit, allow me to emphasize, they contacted me with a job
proposal. I didn't contact them, I wasn't looking for additional work
at the time. I didn't even know they were hiring. It wasn't even a
program I had much interest in at the time. I was busy writing and
supporting my own.

Things like that happen to you?

I started writing/supporting antimalware apps to make up for things
like this:

https://www.f-secure.com/v-descs/irok.shtml

That I did write, back when I was a bit more.. shall we say,
immature. Btw, before someone else spills the beans, Irok is mine
too. Ever write programs like that?

I have an ancient Novell certification, An A+ certification so old
it's grandfathered, as well being as a formally? (it's either expired
or also grandfathered lol) HP certified printer repair technician;
Naturally, I don't do much printer service work these days.

Printers (doesn't really matter what brand anymore)are pretty much
disposal units now. Except for the commercial ones, and, depending on
their age; disposable as well. If the parts alone cost 1/3 to 1/2 of
what a new model costs, the printer is usually scrapped. Unless it
has specialized drivers/does some sort of custom work that would be
difficult to reconfigure another printer to do.

I used to post to this newsgroup and several others related to
malware, some years back. Offering technical advice to others. As
well as promoting my ancient freeware program, BugHhunter - Under my
real name, of course.

Not bad for... what was it you wrote.. oh yea, a 'shit for brains
usenet moron' Eh? So you might say I'm well versed in what is/what
isn't spyware and what computers are/what they aren't.

More to the point though; You really shouldn't make the sort of
assumptions that you did about another poster when you don't know
anything about them.
Post by maury
Go beat on your wife, boss, kids or
family dog who are the real reason for your anger and stay the
F***K off Usenet.
Wow. I'm shocked at your totally off the wall comments and
suggestions that I was in any way, displaying anger in my one and
only (previous to this one) reply to something you've written, that I
know of.

I've probably been on usenet for possibly, a longer period of time
than yourself. My first connection was via UUCP... So, while I
appreciate your suggestion, I'll remain the FUCK ON usenet (or whats
left of it, depending on your POV) if I so desire.

No offense maury, but, you seem to have some deep issues of your own
you should be dealing with. Have a nice weekend and get some help.
--
MID: <nb7u27$crn$***@boaterdave.dont-email.me>
Hmmm. I most certainly don't understand how I can access a copy of a
zip file but then not be able to unzip it so I can watch it. That
seems VERY clever!
http://al.howardknight.net/msgid.cgi?ID=145716711400
FredW
2016-07-02 11:43:49 UTC
Permalink
Raw Message
Post by maury
I'm not even going to bother taking the rest of your angry shit post
apart because it would do no good. You're an angry shit-for-brains
moron who only uses Usenet to get rid of your constant, unending
anger. Go beat on your wife, boss, kids or family dog who are the
real reason for your anger and stay the F***K off Usenet.
Do you think you are on facebook or twitter?


Why are you so upset about sound advice?
Or do you know so little about computers that you don't recognize good
advice when you see it?
--
Fred W. (NLD)
Loading...