Author Topic: Comodo leeching data without permission / Huge Privacy Risk  (Read 768 times)

Offline bitspirit

  • Comodo Family Member
  • ***
  • Posts: 50
have been a CIS user for more than a decade - wonderful product.

But of late - have been seeing some strange issues

1. Internet Security Essentials - when will we get a 64 bit version?

ISE is taking up way too much ram/resources.
Sometimes starts scanning HD without initiation for hours.

2. cmdagent.exe sharing data to outside IPS  - even when I've disabled data sharing/meta data sharing with Comodo.

partial list of Receiving IPs- 104.21.80.250, 52.85.128.100, 199.66.201.17, 69.4.89.246, 162.255.24.195

The repeated pings and data sharing - sometimes 100mb+ at one go is creating havoc at my end.
Average 200-300 mb being shared every week.

NEED TO STOP THIS ASAP - please help.
NEED clarification too - why is this data leak happening?

Thanks in advance.

Offline C.O.M.O.D.O RT

  • Comodo Staff
  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 855
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #1 on: May 24, 2022, 05:05:08 AM »
Hi bitspirit,

Thank you for reporting, we will reach you through private message to get required information for investigation.

Thanks
C.O.M.O.D.O RT
« Last Edit: May 24, 2022, 05:07:31 AM by C.O.M.O.D.O RT »

Offline C.O.M.O.D.O RT

  • Comodo Staff
  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 855
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #2 on: May 24, 2022, 05:28:24 AM »
Hi bitspirit,

Could you please check your inbox for pm and respond ?

Thanks
C.O.M.O.D.O RT

Offline CISfan

  • Comodo's Hero
  • *****
  • Posts: 1806
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #3 on: May 24, 2022, 10:03:52 AM »
[at]bitspirit,

Use "Process Hacker" or SysInternals "Process Explorer" to find out which applications have active internet connections and which applications produce this heavy data traffic.
Only IP 199.66.201.17 relates directly to Comodo the other IP do not, maybe you have some other background applications running that consume so much traffic (torrent client perhaps?).

Offline domo78

  • Comodo's Hero
  • *****
  • Posts: 347
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #4 on: May 24, 2022, 11:01:31 AM »
[at]CISfan

Wouldn't it be sooner the IP address 199.66.201.16 ?
https://help.comodo.com/topic-399-1-786-11019-.html

Offline CISfan

  • Comodo's Hero
  • *****
  • Posts: 1806
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #5 on: May 24, 2022, 11:10:53 AM »
[at]CISfan

Wouldn't it be sooner the IP address 199.66.201.16 ?
https://help.comodo.com/topic-399-1-786-11019-.html

Comodo owns more IP addresses.
According to https://whatismyipaddress.com/ip/199.66.201.17 the IP belongs to Comodo.

IP Details For: 199.66.201.17

Decimal: 3343042833
Hostname: cima.security.comodo.com
ASN: 35838
ISP: Comodo Group Inc.
Services: Datacenter
Assignment: Likely Static IP
Country: United States
State/Region: New Jersey
City: Clifton

Offline domo78

  • Comodo's Hero
  • *****
  • Posts: 347
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #6 on: May 24, 2022, 01:49:33 PM »
[at]CISfan

Comodo has of course many [at] Ip.

This is the case for the [at] 199.66.201.16:
IP Details For: 199.66.201.16
Decimal: 3343042832
Hostname: no-dns-yet.ccanet.co.uk
ASN: 35838
ISP: Comodo Group Inc.
Services: Datacenter
Assignment: Likely Static IP
Country: United States
State/Region: New Jersey
City: Clifton

In the document referenced above only the [at] 199.66.201.16 is mentioned.

Offline bitspirit

  • Comodo Family Member
  • ***
  • Posts: 50
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #7 on: May 25, 2022, 01:27:05 AM »
All data being shared by Comodo Only - cmdagent.exe - all IP's being shown are from Comodo Logs (Outbound Connections)

Offline bitspirit

  • Comodo Family Member
  • ***
  • Posts: 50
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #8 on: July 24, 2022, 08:20:08 AM »
This is definitely a Comodo thing - did some research of my own

1. With Telemetry and Cloud lookup disabled - why is there a need for Comodo telemetry in Scheduled tasks?
You can delete it - but it comes back on every boot.

Can anybody enlighten me on this?
This is not honest behaviour.

There are many threads across the web - even I'm getting doubts on Comodo now after more than a decade of use.


2. User Peerblock to check Comodo behaviour - its pinging 199.66.201.16 every few seconds?
Why the need to ping Comodo DataCenter even when Telemetry is disabled?

3. Why are there so many malware with Comodo certificates?
would like a comment from the CEO on this?

Offline C.O.M.O.D.O RT

  • Comodo Staff
  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 855
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #9 on: July 25, 2022, 08:14:28 AM »
This is definitely a Comodo thing - did some research of my own

1. With Telemetry and Cloud lookup disabled - why is there a need for Comodo telemetry in Scheduled tasks?
You can delete it - but it comes back on every boot.

Can anybody enlighten me on this?
This is not honest behaviour.

There are many threads across the web - even I'm getting doubts on Comodo now after more than a decade of use.


2. User Peerblock to check Comodo behaviour - its pinging 199.66.201.16 every few seconds?
Why the need to ping Comodo DataCenter even when Telemetry is disabled?

3. Why are there so many malware with Comodo certificates?
would like a comment from the CEO on this?
Hi bitspirit,

Thank you for reporting. In order to investigate on this issue kindly provide us the below detail so that we will check and update you
1. Windows Version & CIS version.
2. Can you reproduce the problem & if so how reliably?
3. If you can, exact steps to reproduce. If not, exactly what you did & what happened.
4. Any software except CIS/OS involved? If so - name, & exact version.
5. Is there any other security product installed on your machine?
6. Any other information, eg your guess at the cause, how you tried to fix it etc.
7. If possible, any related screenshots.

Thanks
C.O.M.O.D.O RT

Offline bitspirit

  • Comodo Family Member
  • ***
  • Posts: 50
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #10 on: July 28, 2022, 06:43:03 AM »
Hi Comodo RT,

I appreciate your interest, which I feel is just hogwash - this issue has been posted by others too, even as far back as 2019.
Still no solution from your end.

Excluding 3rd party forums, even here there are similar threads older than mine -  no one received a solution till date.
Which points to this being deliberate...!

I'm yet to receive any answers to my queries - this thing about OS version / CIS version is another hogwash.
Task scheduler is deliberate and has nothing to do with os /cis versions.

Offline C.O.M.O.D.O RT

  • Comodo Staff
  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 855
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #11 on: July 28, 2022, 07:29:04 AM »
Hi Comodo RT,
this issue has been posted by others too, even as far back as 2019.
Still no solution from your end.
Hi bitspirit,

Thank you for reporting, kindly provide us exactly what you did and what heppened or provide us steps to reproduce so that we will check and report this to the team.

Thanks
C.O.M.O.D.O RT

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5349
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #12 on: July 28, 2022, 08:54:11 AM »
Hi Comodo RT,

I appreciate your interest, which I feel is just hogwash - this issue has been posted by others too, even as far back as 2019.
Still no solution from your end.

Excluding 3rd party forums, even here there are similar threads older than mine -  no one received a solution till date.
Which points to this being deliberate...!

I'm yet to receive any answers to my queries - this thing about OS version / CIS version is another hogwash.
Task scheduler is deliberate and has nothing to do with os /cis versions.
What are you on about? If you actually did search the forums you would notice this thread that explains the telemtry task: https://forums.comodo.com/waiting-area-please-cast-your-votes-cis/comodo-telemetry-task-t120918.0.html;msg868345#msg868345 and if you are really worried about it you can disable the task and then set the task to read only in the windows task folder.

Offline -MOKSHA-

  • Comodo Family Member
  • ***
  • Posts: 81
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #13 on: July 28, 2022, 09:26:28 AM »
What are you on about? If you actually did search the forums you would notice this thread that explains the telemtry task: https://forums.comodo.com/waiting-area-please-cast-your-votes-cis/comodo-telemetry-task-t120918.0.html;msg868345#msg868345 and if you are really worried about it you can disable the task and then set the task to read only in the windows task folder.
The post linked to explains that no data should be sent by the scheduled task if data collection is disabled in the settings. This doesn't answer the OP's question as to why CIS connects to several server IPs when telemetry is set to disabled.
CIS Premium 12.2.4.8012
Windows 11 Pro 21H2 | DE

Windows is like burgers and fries, just without burgers

Offline domo78

  • Comodo's Hero
  • *****
  • Posts: 347
Re: Comodo leeching data without permission / Huge Privacy Risk
« Reply #14 on: July 28, 2022, 10:06:40 AM »
On my laptop (see attachment) the 3 sites on which cmdagent.exe has connected since this morning.
The setting “Send anonymous program usage statistics to COMODO” is unchecked on my laptop.

One question: do you ask yourself the same type of questions about your AV?

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek