Edited*****
Please click here read to see how Scot Finnie is spreading mis-information Edit end**********
First of all: There is no such a thing as: "outbound leak protection"
There is
1)outbound protection: catching any outbound network traffic
2)Leak protection : mainly its a protection against malware trying to circumvent/kill your firewall that is offering outbound traffic protection.
(have a look at wikipedia to see if you can find a term called "outbound leak protection" or even "leak protection" http://en.wikipedia.org/wiki/Firewall_(networking) ).. Nope.. doesn't exist.. Even Leak protection is not a function of a firewall but another layer that could be provided either by another product or build some protection into the same product using different techniques, but as I said its not a function of a Firewall)
Now, I and Egemen had a chat (phone call) with Scott last week about our firewall. There we explained its capabilities. At no stage did we say CPF has no "outbound leak protection"!!! I am surprised that he just ran that story with that misunderstanding. Very sad indeed! Obviously Scott must have misunderstood some of what we said. Of course CFP v3 in simple firewall mode has "outbound protection" and a pretty good one too! The Leak resistance (eg: protection against malware killing the firewall etc) comes from Defense+ (which is built into v3!).
Now: in V3 you have 2 different settings
1)simple firewall
2)Firewall + Defense+.
In simple firewall: you just get pure Firewall. Why, because thats what our users wanted from us! They said, they didn't need all that protection against malware etc, cos they had their own software (like HIPS etc to do that work). So we just built a very simple yet powerful firewall mode to do firewall thing!
So, to do Firewall stuff, you could most definitely rely on our simple firewall mode in V3! Its a pretty darn fine firewall! So this mode is great if you just want a pure firewall to check your outbound traffic!
If you want the ultimate protection and you want more than just a firewall, then you can enable defense+!
Scott said: "The previous generation of the Comodo 2.4 provided anti-leak protection without the HIPS."
Well, that statement is wrong! What we all refer to HIPS is low level hooks! And v2.4 did have low level hooks to create the protection. So it did have HIPS like capability, just wasn't brought out as a full blown HIPS product, thats all! The bottom line: Without these low level hooks, you simply can't protect, period!
The advice Scott gives in the above blog is simply wrong! Advising people to uninstall and then re-install, without even knowing that those users might be relying on some other HIPS (or other security software) to give them their protection and just use CFP for its firewalling capability!
Scott, will you advice against other firewall modes/configuration which gives the ability to the user to switch off their protection? Because they all do! Will you now say, firewall XYZ is not good in this mode or that mode because it allows this and that? This is NOT the default option, this is a configuration option built in cos some of our users wanted this option. And when they choose this option we clearly state: "it will not activate the Defense+ to fight malware"! Now, Scott, will you also identify certain settings in other firewalls, when chosen will render firewall less protected and advice your users against those settings? If not why not?
Also, even though Egemen wrote him an email explained about our firewall and differences between earlier version, obviously Scott doesn't get how CFP work. Because advising people to uninstall because they are in a simple firewall mode is also wrong! You simply go to Defense+ and activate it, its that simple!! (go to Defense+->Advanced->Defense+ Settings->Unsselect "Deactivate the Defense+ permanently") I find it very disturbing that Scott is advising people to "uninstall" for something that could easily be switched on with a mouse click.
We should not be punished because we made our firewall highly configurable, even though default configuration is the highest security you can get!
Some interesting observations: There is no link to Comodo firewall, yet there is to other firewall (I guess thats how referral schemes work?
) Is it: You refer via a link and get paid if there is a sale!? Yep, ours is free so why link cos no money right?
Also, instead of simply asking the user to re-install (even though re-installation is unnecessary) on XP Scott advises them to switch to the other company, I guess that means more money perhaps?
Obviously Scott misunderstood and got his advice wrong. I hope he is honour bound to fully understand the issues he advices about and then advice correctly!
That article is a disservice to his user base, however I am sure Scott will address this very soon as I am sure he is big enough guy to raise his hand and say, he misunderstood things.
Melih
PS:
http://blog.scotsnewsletter.com/2007/12/15/my-bonehead-move/ Sorry to hear your site going down and I am glad you got help from the people you link to in the blog;)
---begin rant---
You know what pisses me off the most: Its ill-informing, mis-informing doing a disservice to users, because of our own agendas!!!! I have no problem with people liking or disliking what we have, we respect opinions, however people in the position to make a difference, abusing the trust that users have bestowed upon them by ill-informing is just plain wrong!!!
---end of rant---
Poll
Author