Feedback - ASLR protection defeated by Comodo | News / Announcements / Feedback

DinkleBubbles

Newbie

Offline

Posts: 2

Feedback - ASLR protection defeated by Comodo

« on: March 28, 2012, 03:16:27 AM »

Hello.

1) Comodo currently does not support ASLR (Address Space Layout Randomization). This in itself is a vulnerability since unknown vulnerabilities in Comodo are easier to exploit for malware.

2) Comodo loads a dll into every executable running on the system, and this dll is also not ASLR-enabled. This means that every program running on the computer has lower protection because of Comodo not having ASLR.

3) Enabling ASLR support is easy, it is just a compiler switch, and it does not require any code rewrite. All modern compilers support ASLR (I hope Comodo does not use ancient compilers).

4) I have tested enabling support of ASLR in Comodo using a "hack", and there were no problems with it, therefore Comodo works just fine with it.

5) Most other security software already supports ASLR.

Please enable ASLR support soon, not waiting for Comodo 6.


	Logged

Siketa

Comodo's Hero

Offline

Posts: 3161

ZIG ZAG

Re: Feedback - ASLR protection defeated by Comodo

« Reply #1 on: March 28, 2012, 04:01:37 AM »

Can you share that hack with the rest of us?


	Logged

DinkleBubbles

Newbie

Offline

Posts: 2

Re: Feedback - ASLR protection defeated by Comodo

« Reply #2 on: March 28, 2012, 04:11:10 AM »

I would rather not disclose it, since it involves switching off Driver Signing protection in win7, and I also cannot distribute modified Comodo executables & DLLs due to Comodo license not permitting it.

However, you can also use (with some caveats) the Enhanced Mitigation Experience Toolkit to force ASLR on Comodo executables.

http://www.microsoft.com/download/en/details.aspx?id=1677


	Logged

vix123

Comodo Loves me

Offline

Posts: 110

2000 years old according to Comodo

Re: Feedback - ASLR protection defeated by Comodo

« Reply #3 on: April 08, 2012, 12:33:22 PM »

Could you post some benchmarks using Comodo with (your hack) and without ASLR ?


	Logged

Windows XP / Comodo LITE (just firewall and defense+ at 16% of the standard size, no antivirus, no clouds, no whitelists)

Mad-one

Comodo Family Member

Offline

Posts: 72

Re: Feedback - ASLR protection defeated by Comodo

« Reply #4 on: April 09, 2012, 03:28:17 PM »

Shouldn't you be sending the modified files directly to the devs so they can take a look at it?


	Logged

...we need a few mad people running this world ... look where the "sane" ones have gotten us...

trscsaeg

Comodo's Hero

Offline

Posts: 1156

Re: Feedback - ASLR protection defeated by Comodo

« Reply #5 on: April 10, 2012, 01:40:16 PM »

why does comodo not have this


	Logged

Ronny

Product Translator
Global Moderator
Comodo's Hero

Offline

Posts: 13188

Volunteer Moderator

Re: Feedback - ASLR protection defeated by Comodo

« Reply #6 on: April 10, 2012, 01:45:39 PM »

Quote from: trscsaeg on April 10, 2012, 01:40:16 PM

why does comodo not have this

Probably because it believes in it's self-defense capabilities preventing 'abuse' of this lack of ASLR usage...


	Logged

Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy - update Jan 3rd 2013!

Seany007

Comodo's Hero

Offline

Posts: 1904

Comodo Commando

Re: Feedback - ASLR protection defeated by Comodo

« Reply #7 on: April 11, 2012, 11:18:08 AM »

I heard a lot of criticism on security forums that Comodo don't keep up to date with other security firms... But there will be never any security which can cover all vulnerabilities... You don't need all the protection anyway unless you have hackers at bay... And anything can be hacked into if somebody try hard enough...


	Logged

Proud Comodo User (CIS, CD, CID and CMS)

Tags:

Pages: [1]

« previous next »

Jump to:

SSL Certificate

Free Virus Removal

Firewall

Page created in 0.049 seconds with 21 queries.

Design by 7dana.com