I installed Comodo Firewall Pro yesterday and began testing it today using PC Flank.
The first two tests went OK (Leak and Advanced Port Scanner tests) but when I tried the Quick Test I got the following result:
Browser privacy check
The test checked if your web browser reveals any private information while you visit Web sites. Usually such information is: the last site visited, your locale and who your Internet Service Provider is.
Danger!
Danger!
While visiting web sites your browser reveals private information about you and your computer. It sends information about previous sites you have visited. It may also save special cookies on your hard drive that have the purpose of directing advertising or finding out your habits while web surfing.
Recommendation:
We advise you to get personal firewall software. If you already have a firewall program adjust it to block the distribution of such information.
The trouble is, I’m such a newbie (both to Comodo and tech stuff in general) that I don’t know which settings to adjust.
Can anyone help me, please? Be ya friend 'n stuff (:HUG)
I don’t know about this test, but the “dangerous” activities it mentions (the last site visited, your locale and who your Internet Service Provider is), are beyond the scope of a firewall, unless perhaps it has additional filters.
In other words, the warnings from that test are stupid (in my opinion), because the fact that a browser reveals this kind of information is normal. There is nothing to worry about.
For example, “the last site visited” is also known as “referer”:
There are ways to fake or block that, but most people don’t.
As the results from the test mention, this is a privacy related matter. It doesn’t make you less secure (the good results from the first two test you mentioned really are more important, security-wise).
I’ve done some googling since my first post (and searched in these forums, of course) and much of what I’ve read agrees with what you’ve said - all in all, I’m very pleased with Comodo
+1. That information isn’t sensitive nor private, it’s around a million times less private than what appears in a phone listing. It’s broadcast in order to facilitate communication. It’s VERY irresponsible for any scaremonger to cry “danger!” because of this. >:(
+1. That information isn't sensitive nor private, it's around a million times less private than what appears in a phone listing.
The so called “referrer” allows ANY site that is capable of doing so to find out the last site you’ve just been visiting before, so it will know where you just came from…(well, couldn’t that disclosed info be somewhat “sensitive” or privacy related?) :THNK
It's broadcast in order to facilitate communication.
I’d rather say it’s broadcast to support, at least, advertisings and marketing strategies (a thing not ANYONE will love to support). (:TNG) Both referrers and cookies are, not only in theory, able to track one user’s SURFING BEHAVIOUR. In combination with IP logging, this of course means being able to create a personal profile.
You are free to enable cookies only for sites whom you DO TRUST, and I RECOMMEND DOING SO.
It's VERY irresponsible for any scaremonger to cry "danger!" because of this. Angry
Sorry, but I cannot find the word “danger!” in my last posting. And, that’s the first time someone ever called me a “scaremonger”. What does it mean? (Sorry for my bad English again).
You got me wrong because my post was right below yours. You can read “danger!” in Jorolat’s original post, it’s allegedly part of the message issued by the test’s result. So this means I wasn’t of course calling you scaremonger, but the test.
I do surf with referrring and cookies disabled by default by the way. (:NRD)
You can read "danger!" in Jorolat's original post, it's allegedly part of the message issued by the test's result.
So you don’t think anymore: that the “part” of that PC FLANK “message” issued by the “test’s result” was wrong???
Because it was just THIS the PC FLANK test told him: Crying “danger!”…
well JAPO, you also wrote:
I do surf with referrring and cookies disabled by default by the way.
Why do you surf with referring and cookies disabled by DEFAULT? Now, let me guess: it’s because you think cookies and referrers are dangerous TO YOU.
(But not so for all those noobs out there as well? Arggh…sorry.)
So this means I wasn't of course calling you scaremonger, but the test
That’s certainly nice from you, my friend, and I am completely aware now of that fact: You didn’t call ME a scaremonger. You didn’t call HIM a scaremonger. Ok friend. excuse me for taking that personal…but…
But, what that PC FLANK TEST told him was TOTALLY CORRECT, by the way. AND, of course, it had NOTHING to do with our lovely COMODO firewall. PC FLANK just told him that his browser config IS INDEED INSECURE (or, rather WAS, I hope…), so they said his system was IN DANGER (totally agree here, now don’t you? Come on, Japo…)
Because of THOSE FACTS, sorry, I don’t know if such a SCAREMONGER really ever existed.
Sorry, but THIS PC FLANK TEST was right…
Not too difficult to see, since this is a primitive standard test they use, and VERY INCOMPLETE INDEED.
But, forgive me, they were RIGHT this time. And, sorry to say so, you were not. Would be cool from you to agree here. I’m also somewhat faulty sometimes. It’s totally ok. We’re still human!?
It allows to simply disallow referrer and cookies by using a kind of TOOLBAR. (i.e. really easy to use for any newbie, and you’ve been calling yourself one of them)
Still, welcome again here at the COMODO board.
But beware: All of us (or, most of them, lol) represent real-life, that means sometimes differing characters.
Get used to that fact (no, this is NOT an artificial board, but an artists’ board. Now there’s some difference…)
I installed prefbar, but didn’t like the fact it took away a slice of the display area so I’ve installed something called RefControl instead. My cookies option is set to “Ask every time” and I’m hoping these two will provide as much security as I think I need (subject to anyone’s opinion who is more knowledgeable/experienced, of course).
First of all, blocking cookies and referrers means you can’t access all websites, because some will block browsers using these methods.
I’m not an expert, so this is just my opinion.
“Ask every time” seems to be a very awkward method, because so many websites use cookies. Doesn’t it take the fun out of surfing the web? And apart from that, by the time a website wants to place a cookie they already have your IP address, so they know you were there anyway (and before, or again). You will only prevent the “start of something new”, i.e. whatever information they want to start collecting (if that’s the case at all, not all cookies are “dangerous”).
Why don’t you simply let Firefox delete all unwanted cookies automatically when closing it? Or if you are really that concerned about privacy, let (for example) Crapcleaner erase\overwrite them.
I quite like RefControl so far; but I’ll see how I get on. “Ask every time” can be a pain, so I’ve taken your advice and set FFox to delete cookies when FF closes; again, I’ll see how I get on with it.
I’ll have a look at CCleaner and also at any FF cookie extensions.
Cookies or the referer aren’t dangerous. Sure, they can find out that ‘108.172.11.57 from Japan comes from www.google.com’ or ‘108.172.11.57 from Japan has visited the following sites’ or something, but how can it be called a security risk? Or even a privacy risk?
They don’t know the name of the person, or where he/she lives or anything. And they won’t know it unless your ISP shares the information with them. And they shouldn’t, unless you’re suspected for a crime…
If you don’t want to send the referer, (in Firefox) go to about:config, and search for ‘referer’ and you should find a integer named ‘network.http.sendRefererHeader’, which by default is set to 1. Set it to 0 and your referer won’t be sent.
For cookies, you can go to Tools → Options… → Privacy and uncheck ‘Accept cookies from sites’ (and of course 'Accept third-party cookies), then go to ‘Exceptions…’ and add the sites you usually visit.
Don’t be worried about that, that test shouldn’t even be on the internet. Without sending items such as your web browser etc many sites would fail to function…
I refer to the " IP " as your computers address, without it most sites would fail to work because they wouldn’t know where to send the information. And Comodo has got the doors locked for anything dangerous.
Cookies and referrer information can’t be “dangerous” nor “insecure” in any sense of those wods. (Surfing as admin for example, on the other hand, is both immensely “dangerous” and “insecure”–if you’ll forgive the repetition.)
Referrer information tells the site you connect where you come from. That’s not a big deal, certainly not a security issue. It can be thought of as a privacy issue, so you can disable it selectively. Be warned however that some sites need it internally to make sure you haven’t been misled, I think for example you can’t complete a transaction in paypal.com or some similar sites with referrer information disabled.
Some cookies could be used to track your navigation, again that’s not a security issue but a privacy issue. Again you can restrict cookies, but some sites need cookies (which normally aren’t tracking), certainly all sites that you want to log into, such as this very one.
Certainly, Morph. I apologise if I’ve caused you any offense; the only reason I used that expression was because that’s how you ended your first reply in this thread (message #3):
I thought it was your preferred mode of address - sorry!
