Greetings, there was a recent post insinuating that Comodo reports user’s every move. While a bit dramatic and ultimately presumptuous, the post, nonetheless, piqued my interest and had me trying to replicate. For me, Comodo blocks everything, including itself. But, I did notice something which prompted me to post.
I want to start by saying I’m a grateful long time Comodo user, since 2.x days. I’m currently using CIS 22.214.171.12428 on a Win 8.1 x64 system. I employ an custom CIS ruleset and have all Comodo features which would need to phone home either blocked or disabled. This includes malware definitions, program updates, scheduled tasks, cloud features, messages, dns settings, and usage statistics.
In an advanced task manager program called Process Hacker I noticed cmdagent is repeatedly trying to remotely contact comodo ([at] CESM-SBS-2011.brad.dc.comodo.net). Now as I stated it fails because of the rules. What’s alarming is that it’s doing this every 5 minutes. I took screenshots of this behavior for quite a while as I doubled checked and turned on/off several features. It seemingly does this for as long as the computer is on. I’m not sure what to make of this behavior, so my question is as follows. What is cmdagent trying to do that I haven’t otherwise specified? And depending on the answer a follow up question would be, “Is this behavior a bit excessive?”
Note: As I changed settings I rebooted the computer in case there was something that needed to take effect. Also, as you can see, I last properly updated Comodo 15 days ago.
As for the second part to this post, I wish to leave feedback on the Telemetry task that exists in the Task Scheduler. CIS 10.0.2.6396 first introduced this new task and I’ve always been confused as to its purpose. I believe I read that it’s tied to the usage statistics checkbox. But here in lies my confusion, the usage statistic checkbox has existed looong before that Task ever did. Am I misinformed as to its purpose?
What prompted me to ask is that in CIS 11 there now exists an hourly check in which Comodo will always restore and renable this scheduled task. Prior to 11, Comodo would only restore it after a system restart. An hourly check is a decidedly more aggressive approach. Also, around the time this task surfaced there was a poll about adding an option which would enable users to permanently disable it. Is this something I can look forward to? Thank you.