Comodo fails fake mouse clicks attack-review by PC Magazine!!!

It looks like Comodo’s self-protection is still weak against fake mouse clicks attack:
Review by PC Magazine:
“My wacky attempt to turn off protection using simulated mouse clicks did succeed, but just barely. The little program I wrote can fake a click in any location, but I didn’t give it a way to move slider controls. Setting the firewall to Disabled using fake clicks required pixel-perfect accuracy—there’s no way a malicious program could automate the process. CFP is fully armor-plated against attacks by the bad guys.”
http://www.pcmag.com/article2/0,2704,2240714,00.asp

Here is the entire review:
http://www.pcmag.com/article2/0,1759,2236657,00.asp

Quite. But honestly, who uses fake mouse clicks anyway? I mean, come on, first you need to infiltrate the computer. I think CPF can handle that :wink:

No one I guess, I never heard of them ???

Yeah, and in case they get in, you just unplug the network cable and they’re going to be really mad :smiley:

Seriously? You never heard about this common technique?

Nope, it’s not on Wikipedia. If you search for Fake mouse click it says that this is 100% related to it lol.

Sigh… It’s not on Wikipedia means it doesn’t exist? You really need to go for an information literacy class…

Repeat after me, “just because it’s not on wikipedia, doesn’t mean it isn’t real, or isn’t important”.

I should know, I published several articles on wikipedia in peer reviewed journals…

I was being ironic…

I suppose wiki is 100% right (eh ragwing) as Mickey Mouse is a mouse and he is fake, as for Minnie, well she’s just hot.

Note to self: must get out more

Matty :-*

At work all the PCs have a third party firewall installed and an application monitoring & deployment program. For reasons not fully understood, the monitoring program on occasion instructs the firewall to shut down. The workaround for this is for the firewall to prompt for a password whenever it is instructed to shut down.

I turned on the password feature under “parental controls” and found that you can’t change settings without providing the password. This would seem to be an effective mechanism to prevent a “mouse click” program from changing firewall settings.

Thoughts?

Well, it is highly unlikely that the person that infiltrated your work’s network (if anyone did infiltrate) would use fake mouse clicks. It would be too noticeable for a vigilant administrator. Anyways, yes, setting a password would be quite effective.

The scenario here is a trojan horse, not someone infiltrating/hacking through your network.

If you are running defense+ type defenses, the trojan horse would be run (you would allow it to execute on prompt), then it would try something that would require more privileges (install driver) which would trigger more prompts… This is where most malware would fail. But if they use false mouse clicks, they can click “accept” automatically… and bam! you are finished.

Passwords would be effective, but not if passwords are needed to change settings, but you can still respond to prompts without passwords.

You need a lockout mode, where all prompts are set to deny by default… and you need the password to change the mode.

That’s still an infiltration. An infiltration is when a network has been compromised.

I thought you could disable prompts on the parental controls tab (where you set the password). I assume the idea for parental controls is to lock all settings in place.

Well if you set a password, it will make it much more difficult to change anything. Even if it is a trojan it will make it that much harder for the hacker to do anything, with the password in place.

Yes, but your early post indicated that an admin would know about the “infiltration”, that would only be likely in the case of a direct network based attack…

That might be so, I don’t know I have tried this option, I was talking generally.

In any case, with aggressive HIPS like defense+, I find it hard to put it in a “deny all mode automatically”…

But in order to plant a trojan, you would have a list of sites visited, IPs connected, destination IPs, an admin would be able to piece it all together.

You have too limited an imagination, if a targeted attack was done, one wouldn’t rely on such a random unreliable attack as hoping the employee would visit a certain site…

A very common way of getting in is when the employee brings in the infection himself, either cos his flash drive is infected or because he manually ran an app that he uses at home, but that app is compromised. These “backdoor” methods are the greatest threat to corporate security, as you know.

Of course you should have security policy in place…

My imagination is just fine, I am talking on topic, and will proceed to other methods of attack when necessary. I’m here to help, not show off my knowledge of currently unrelated topics. Though your response is on topic the question was ‘will a password keep me safer’ I answered.

And it’s necessary here. :D. No idea why you jump to conclusions that false mouse clicks attack must be something that works over the internet… I was pointing out the correct scenario in which it will be used…

True, the method is not common yet, but only because few people use things like comodo defense+.

Though your response is on topic the question was 'will a password keep me safer' I answered.

Well, I don’t think my response is quite on topic, but I was just correcting your misconception of how such attacks are used…