Comodo Dragon 43 is now available for download.

w33d3r · July 6, 2015, 8:58am

I have a solution to reading pdf’s which I am happy with, and do not wish to read pdf’s in the browser, so do not need another bogging down the performance of the browser unecessarily

Easy flash download is doing things I dont want it to do if I visit those same pages

HTTPS everywhere versus HTTPS Enforcement - Exactly. I cant install my choice out of those because they probably conflict in their functionality, and Comodo’s software cannot be removed

And besides, the beauty of having extensions framework and incorporating it to deliver non-critical browser features - is the "toggleability" of it - being able to turn off entire modules. Providing some UI in settings to turn off/on the non-vital extensions/features (Chromium PDF viewer / Easy Flash Download / HTTPS enforcement) is also would satisfy users, but just letting it be an ordinary, non-hidden/non-"integrated" extension is a simpler solution....

I’m hoping that Ozan comes through with giving us choice, as he mentioned in point No.3 here.

captainsticks · July 6, 2015, 9:06am

Hi smartodo,

smartodo post:20:

I’m fine with PDF viewer being there.
However “Easy Flash Download” is just an overlay for one specific site to temporarily assist NPAPI->PPAPI transition, there is absolutely no reason for it to be “part of a browser”. I still see it in the install directory, but it is not listed in the extension list, so probably it is out already.

“HTTPS Enforcement” - that is not a bad addition, but I think it should be delivered as a standard extension (which you can disable). Some people may prefer HTTPS Everywhere instead.

And besides, the beauty of having extensions framework and incorporating it to deliver non-critical browser features - is the “toggleability” of it - being able to turn off entire modules. Providing some UI in settings to turn off/on the non-vital extensions/features (Chromium PDF viewer / Easy Flash Download / HTTPS enforcement) is also would satisfy users, but just letting it be an ordinary, non-hidden/non-“integrated” extension is a simpler solution…

As far as I am aware component extensions cannot be manipulated so easily, so with security in mind they are a safer option.
Why OH why would anyone with security in mind prefer a 3rd party extension over a built in component extension is beyond me. :o
HTTPS enforcement is just one of the unique features.

Seriously if this is the only or most important complaint about the browsers, I think a congratulations is in order for the Comodo Development team. :-TU

Just my thoughts, kind regards.

SanyaIV · July 6, 2015, 9:46am

From my experience HTTPS everywhere and HTTPS enforcement does not seem to conflict, if they do then they do it silently and without any obvious effect.

I can understand if Comod thinks it’s a core feature of the product and don’t want us removing them, but at least let us disable them. Almost all other features in the browser is optional, you can choose if you want to use SecureDNS but not showing flash help? That just seems inconsistent.

lugo_58 · July 6, 2015, 10:54am

Hello guys,
I want to ask a question? Why Comodo and Chromodo do not come with Flash Player plug-in (built-in) ?
Google Chrome, Slimjet these browsers has the plugin so user do not have to install external adobe flash player. with every browser release, the plugin updates too.
So, users get smoother eperience

Can Comodo does this please? :-TU

w33d3r · July 6, 2015, 11:17am

w33d3r post:15:

On another note, Bringing the following here because the Secure DNS forum is like a desert with tumbleweed blowing thorugh mostly …

I replied to the following posts https://forums.comodo.com/help-dns/are-comodo-dns-servers-down-t110831.0.html

Which have not been replied to since April this year :

For what its worth ( if anyone even visits this part of the forum anymore ) ..
Experienced the same problem a few times over the last week. More annoyingly in the last two hours today

Turn off Secure DNS in Comodo Dragon, and the internet again works fine.

Also experiencing redirects to Cloud Flare on page load errors. When did that rubbish get introduced, if I get a page error I want to see a page error, not a frigging redirect. Stop messing with the way things are supposed to work

Duplicating here because now that Dragon has an option in settings to set Secure DNS ( whatever dns address that setting uses seems to be different from the ones I have set in my machines internet settings for Primary and secondary DNS, which are working fine … Unless this is something similar to Privdog where some kind of certificate undermining is redirecting us in association with enforcing https, or maybe even a super hidden plugin or extension which cannot be revealed with even a command line switch eh ?, who knows what comodo are trying to do to us these days )

So to make this clear

I have set my Primary and Secondary DNS as per instructions here …

Secure DNS for Windows Vista, DNS Setup Instructions - Comodo

8.26.56.26
8.20.247.20

And I have turned off Comodo Dragon Advanced setting …
“Enable Malware Domain Filtering ( Comodo Secure DNS )”

And the internet works fine

If I turn on the advanced setting in Dragon, a lot of page loads do not work at all, and I end up getting redirected to that Cloud Flare rubbish

So whats the story Comodo ?

So does anyone have anything on the actual questions I asked ? ( in the post on the previous page that triggered reactions for one line which was not actually a question )

I just had to disable all Comodo Secure DNS settings again ( in the browser and in IPV4 properties this time aswell ) to make this post, because for the last hour I cannot connect to the internet when using it.

w33d3r · July 6, 2015, 11:32am

Because flash is spyware, and Dragon is a privacy respecting browser … we would like to think
If you dont care about privacy, then why not use google chrome ?, google dont respect privacy either by default and as you know it comes with its own flash spyware.
Problem solved.

smartodo · July 6, 2015, 12:00pm

Second that, started to happen to me too today…

smartodo · July 6, 2015, 12:06pm

Well, to an extent, every indirect SW provider is a “third party” as long as you are not developing the SW, and it isn’t free (I don’t mean price) and open source, you can never be truly confident in a proposed solution.

As far as browsers go, not everyone has time/resources to fork and maintain a branch of preferred browser on his own (be it chromium or firefox base).
Here comodo with Dragon comes close to a sweetspot of producing a browser which is less spyware-bundled than chrome, and more robust than bare chromium. Comodo’s main business is CAs which is a serious security requiring thing, but a business is a business, and nothing would guarantee all-good intentions everywhere else. And even more than that, small projects tend to have big bugs left unchecked (the PrivDog story is just a perfect example of a flawed secure connections management), thus making extras optional is important.

For me, EFF is a more trustworthy organization than Comodo overall, and I would much more prefer to use EFF’s solution here (worth noting that HTTPS Everywhere is a FOSS solution).

Don’t get me wrong, I respect Comodo’s work with Dragon (else I wouldn’t use it in the first place).
But no software is ever perfect.
And keeping options open for users to decide - to always be able to opt-in or opt-out of any external (as in"non-critical") module, for me, is a core principle that should be a big part of the philosophy behind the product.
Hence I think this subject is a very important one.

See all of the above.
I hope they won’t…

lugo_58 · July 6, 2015, 12:07pm

We can disable those spyware(!) options…
Please make me correct if I am wrong.
Comodo Dragon also come with those settings “enabled by default”… just like Google Chrome.
Comodo Dragon also uses Google Safebrowsing? Same source codes…

smartodo · July 6, 2015, 12:19pm

Adobe Flash Player plugin indeed can be disabled in chrome too (in chrome://plugins/).

But many (chrome-avoiding) users would prefer to have to “opt-in” with flash (and other additions) rather to “opt-out” in case they prefer to avoid it.

Edit addition:

If you mean “incognito mode” - well, it’s just same browsing and “normal mode”, but with separate temp and cookies storage.
I don’t see how it is relevant.

lugo_58 · July 6, 2015, 12:27pm

I do not mean incognito mode. Please search about what Google Safebrowsing is?

w33d3r · July 6, 2015, 12:34pm

Flash is the spyware, and no you cannot disable what it does, once it is installed it does what it is designed to do which is to gather as much information about you and your habits / behaviour online as possible … Thats why adobe put so much money into developing it all these years.

Its not just a Youtube player, or a free games player, its designed to make money out of using your data

It has 16 different communications methods, some of which are secure encrypted, and these can be used by anything which is designed to use flash
It also has its own programming language which other third parties can use against you when they detect it is installed in your browser.
It has what they call a transparent click map, which tracks your mouse position, movement and acceleration speed - Even if you dont click anything it watches where you are looking
It can also record anything you type or do online and send all of the gathered data to whoever is listening to those 16 communications channels

Web pages are designed to exploit it. Other plugins and apps are designed to exploit it.

But worse still, malware writers regularly find ways to exploit it, even the google version which is supposed to be more secure by not breaking chromes privilege levels ( which the original adobe one does )

You can restrict the size of data flash stores locally in LSOs ( locally Stored Objects - Super cookies ), but thats about all you can set. If you severely restrict use of those, it stores data locally to memory instead for as long as your machine remains on ( which is also useful for when you have your browser in Incognito mode ), and still gets to transmit usage data.

Adobe are not making this for free, it has many ways of getting data about you. And is the most prevailant spyware on the internet.

Thats why we dont want it in this browser. Now do you understand ?

Googles safebrowsing is really no concern in comparison with Flash, and it is a service that google are not using to gather data about you - Read the following Chromium Blog: Understanding Phishing and Malware Protection in Google Chrome

captainsticks · July 6, 2015, 12:38pm

To all,
Please note malicious or misleading postings against software creators is in breach of the Forum Policy Sect 8.4.
Google and Adobe are both software creators.

It is simple if you don’t want Chrome or Flash, don’t install either.

If we want to be totally secure, disconnect.

Please do not reply to this message.

Thanks.

lugo_58 · July 6, 2015, 12:43pm

Sorry captain I have one more question.
Thank you for the informations w33d3r I just have another questions.
Why Comodo Dragon offers us to install this plugin then? Is Comodo wants to push us to Adobe lap?

w33d3r · July 6, 2015, 12:46pm

I have asked that question too, in the following topic https://forums.comodo.com/help-cd/comodo-dragon-43-hidden-extensions-will-not-disable-or-uninstall-t111464.0.html

Anyway reference malicious or misleading - Nothing I have said is either

And can be confirmed by reading adobe’s own technical paper …

http://www.adobe.com/content/dam/Adobe/en/devnet/flash/articles/flash_player_admin_guide/flash_player_10.0_admin_guide.pdf

Its a downloadable pdf

Also the Google blog regarding safe browsing is their own words too. But obviously to everyones advantage rather than anything bad you could imagine the service to be doing.

lugo_58 · July 6, 2015, 12:47pm

Thank you friend What should we use then instead of this spy?

smartodo · July 6, 2015, 12:50pm

True, a different thing.
As W33d3r said, it is not the same as bundling Adobe’s flash.

And people, don’t get too touchy-feely “want to be totally secure - disconnect”.
First: as long as it is optional (we can turn it off) - it is bearable.
Second: the discussion is about asking to leave more choices to users, and being more “opted-out” by default.

That’s about it.

w33d3r · July 6, 2015, 1:00pm

I dont use anything instead, and watching videos is no problem
VLC Media player has a browser plugin which covers a lot of video formats which used to be playable with Flash
YouTube these days mostly does not require Flash ( because they are slowly converting everything to be playable without it )
And HTML5 will not require any dedicated extension / plugin players.

The only things that need flash are old free games, do you need them ? - Googles development of Native Code in the browser will one day provide everything those online games will need.
Eventually everyone will realise one day soon hopefully that nobody ‘needs’ it

lugo_58 · July 6, 2015, 1:02pm

Thank you, I really appreciated :-TU

w33d3r · July 6, 2015, 2:33pm

No problem … A couple more things for anyone who find themselves terminally afflicted with a need for flash … A couple of blogs by an old ESET member ( ESET make NOD32 anti malware )

http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-1/

http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/

The first describes in detail the online flash settings ( which you have to go to a specific set of adobe pages to set )

And the second blog in particular describes something that is mentioned in the technical paper I linked …

The mms.cfg file - Also discussed here in the following topic for a better bunch of settings you can use - https://nodpi.org/forum/index.php/topic,1969.msg31214.html#msg31214