Author Topic: PrivDog 3.0.0.97 is now released.  (Read 8503 times)

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5718
Re: PrivDog 3.0.0.97 is now released.
« Reply #15 on: January 27, 2015, 10:14:52 PM »
Not working for me either
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #16 on: January 27, 2015, 10:19:25 PM »
Thanks for reporting. In Europe and America the download does not seem to work where Australia (usually teamed up with Asia) it does. I hope it gets picked up soon.

Offline AimeeLW

  • Comodo's Hero
  • *****
  • Posts: 255
  • Kemono's rule :o)
Re: PrivDog 3.0.0.97 is now released.
« Reply #17 on: February 05, 2015, 10:07:05 PM »
Is there any news on the download issue, I can't download latest PrivDog version as I get the 403 error page every time I try, thanks  :)

Error message is this: "You don't have permission to access /downloads/661/PrivDogSetup_3.0.97.0.exe on this server."
Linux Mint 18 64bit and Windows 8.1 Pro 64 bit :)

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #18 on: February 05, 2015, 10:31:54 PM »
I sent another pm to Shane.

Offline AimeeLW

  • Comodo's Hero
  • *****
  • Posts: 255
  • Kemono's rule :o)
Re: PrivDog 3.0.0.97 is now released.
« Reply #19 on: February 10, 2015, 09:27:30 PM »
Is there any news on this server issue, still the link has error and can't download, tried from different computers, OS's and a different house/ISP with the same result  :(
Linux Mint 18 64bit and Windows 8.1 Pro 64 bit :)

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #20 on: February 10, 2015, 10:26:53 PM »
I sent a pm to one of Comodo's network admins.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #21 on: February 11, 2015, 02:58:32 PM »
I have been in contact with the network admin and Comodo is now aware of and working on it.

Offline AimeeLW

  • Comodo's Hero
  • *****
  • Posts: 255
  • Kemono's rule :o)
Re: PrivDog 3.0.0.97 is now released.
« Reply #22 on: February 11, 2015, 09:47:26 PM »
Thank you EricJH for keeping us all informed of this situation, lets hope and pray they fix this issue soon, once again thanks for your help and support  :-TU
Linux Mint 18 64bit and Windows 8.1 Pro 64 bit :)

Offline RadimC

  • Program Manager
  • Global Moderator
  • Newbie
  • *****
  • Posts: 6
Re: PrivDog 3.0.0.97 is now released.
« Reply #23 on: February 12, 2015, 09:31:41 AM »
Thank you,
I believe for now these issues are solved so it is possible to update PrivDog to the latest version
My colleagues will contact you to get more details
Please read the Forum Policy below before posting: 

http://forums.comodo.com/new_member_information/forum_policy-t1516.0.html

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #24 on: February 12, 2015, 05:16:17 PM »
It's solved when downloading from the Netherlands.

Offline AimeeLW

  • Comodo's Hero
  • *****
  • Posts: 255
  • Kemono's rule :o)
Re: PrivDog 3.0.0.97 is now released.
« Reply #25 on: February 12, 2015, 05:50:25 PM »
It now works from the UK as well  ;D
Linux Mint 18 64bit and Windows 8.1 Pro 64 bit :)

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #26 on: February 12, 2015, 06:46:07 PM »
Can anybody from the USA other parts of America confirm?

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5718
Re: PrivDog 3.0.0.97 is now released.
« Reply #27 on: February 12, 2015, 07:59:45 PM »
seems to be working
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline Sanya IV Litvyak

  • Comodo's Hero
  • *****
  • Posts: 4214
  • Lurking
Re: PrivDog 3.0.0.97 is now released.
« Reply #28 on: February 20, 2015, 05:41:28 AM »
To Mods: This is a post primarily on PrivDog and not SuperFish however it relies heavily on information about SuperFish and what's going on with that, please do not move this to "General Security Questions and Comments" as it's more relevant to PrivDog, if you feel that it needs a thread of its own then you can move it to one under any of the PrivDog sub-forums. (Of course you can do whatever you please with it, I'm just pointing out what I'm okay with)

So Lenovo has been bundling a software called SuperFish with some of their computers, SuperFish seems to have a different goal than PrivDog but it still uses a similar or the same method of reaching that goal, messing with the certificates. It was at that point theorized that people could abuse this to create a man-in-the-middle attack and then read and modify encrypted webpages as seen fit, and it has now been confirmed.

Now I realize that you may read that and go "Why are you posting this here and not in the part for other security related stuffs?" Well it's because I'm not interested in talking about the SuperFish issue exclusively, but rather how it's similar to PrivDog, what makes PrivDog different? What stops PrivDog from being abused in the same way? What chance can PrivDog honestly have when people seriously don't trust software that messes with the certificates in the same way that PrivDog and SuperFish does? I'm afraid that, if PrivDog would get wider coverage and would be a "well-known" software, then it would probably be seen as adware/riskware and users would be recommended to stay away from it and it would reflect badly on Comodo.

Besides that, PrivDog moved from extension to stand-alone application because Chrome closed the doors to extensions not from its web store, but what when they stop these man-in-the-middle attacks on the browsers from working? What then? An even more invasive method?

When I first realized that PrivDog messes with the certificates, I claimed it's a potential security risk, I wasn't able to back that up but now when the similar program SuperFish has been successfully abused to create a MITM attack, I must ask how PrivDog is any more secure? What stops similar attacks on PrivDog? Also, how do you see the future of PrivDog when the method it currently uses to read and modify the encrypted sites is closed?

I apologize if this posts seems too negative, but in my personal opinion the way PrivDog deals with encrypted traffic is just plain wrong and at the least Comodo should explain why PrivDog wouldn't be vulnerable to the same attacks as SuperFish was because currently I can only see PrivDog as a real Riskware.

I also want to point out one huge difference between PrivDog and SuperFish, SuperFish was pre-loaded on some Lenovo computers where PrivDog is not, from what I can tell the stand-alone PrivDog can only be downloaded by itself so far and is not bundled with other software, so there's no risk that users accidentally install it, but if this stand-alone version of PrivDog makes it into CIS then.. well.. I mean, personally I wouldn't think that to be a good idea.

Perhaps I'm just overly-concerned about this, and overly-obsessed with certificates not being messed with, perhaps it's a non-issue, but in the light of SuperFish I believe that Comodo should at least look at what they are doing and consider if it's a good idea, they should also look into if their method is vulnerable to the same abuse as the method SuperFish used was, and then communicate the results to users here.

I want to see PrivDog be successful, but this doesn't seem like the right way to do it in my opinion, but at the same time I don't know what else they can do to get a working product without it being an extension.

... I probably repeated myself many times there, I apologize for that.

Edit: And a post on the SuperFish issue by EFF.
« Last Edit: February 20, 2015, 06:07:52 AM by Sanya IV Litvyak »
I support privacy and freedom online - eff.org

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25157
Re: PrivDog 3.0.0.97 is now released.
« Reply #29 on: February 20, 2015, 06:46:25 PM »
The approach PD has is taken is according to Shane the same as other AV vendors do
Quote
We use the same approach many AVs have taken.  On install we generate a root certificate with random keys and install it into the local certificate store.  We then generate a certificate on-the-fly for each web site visited and pass our certificate back to the browser.  We then have a man-in-the-middle allowing the software to decrypt and re-encrypt.
.

This technology can be abused like any technology can be abused. For me the problem boils down to two questions. Do I trust the Vendor? The second question is did I get an untouched copy (signature check)?

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek