Comodo Firewall not much better than others

A review of Comodo Personal Firewall 2.3.6.81 by matousec.com

[b]Comodo Firewall not much better than others [/b]

We have finished the analysis and published a review of Comodo Personal Firewall 2.3.6.81. Except its great ability to fight leak-tests, Comodo does not have a good security design and the implementation is also quite poor and buggy. Nevertheless, its final score, also because of its excellent anti-leak protection, is better than the score of ZoneAlarm and thus it took the first place in our ranking. Visit the results page for more information.

Perfection does not exist!

this is why we can improve constantly!

the good thing is: we are still the best of all in the overall scores! And we are the only Free one! Beat that! (:NRD)

http://www.matousec.com/projects/windows-personal-firewall-analysis/results.php

cheers

Melih

Zonealarm Pro was the second best. Regarding its security:

Its programmers lack important knowledge needed for writing security products for Windows NT operating systems. Our conclusion is that the level of security protection offered by ZoneAlarm Pro is insufficient for any kind of utilization.
(:LGH)

Also, Matousec wants to be paid before revealing the exact problems found. Interesting idea, it seems anyone can buy these exploits. Blackmail or the only way to get good testing of these products? Is Comodo going to pay?

I don’t think so…I think Melih prefer to buy some coffee & donut’s for the coders, so they work on the firewall, so it’s getting better and better :wink:

As far as I see, analysis says not much better but still the Best in the top firewalls in the market.:slight_smile: This is despite the fact that it is still in version 2.3 while the nearest competitor has its version 6.xxx. Those who know the difference between CPF 1.0 and CPF 2.0 will understand me better.Anyway as CPF users, you still have the worlds best firewall according to the analysis.

CFP 3.0 has been rearchitected to have a built-in HIPS. This means it will also be able to be used as proactive anti-malware solution. Many of the features mentioned in that site(such as logging, such as advanced rule management or password protection) and more from the CFP wishlist will be included in CFP 3.0.

Since it will have a powerful HIPS, we will be able to seperate firewall activities from system related activities thus allowing our users a better protection with a better performance. It is getting better and better everyday. When it is released, you will be able to use the world’s best desktop security solution for free forever.

Just keep your feedback coming :slight_smile:

Egemen

hear! hear!

Melih

I could chip in for the coffee & donuts… :wink:

LM

If what matousec says is true then there are not firewalls that can really protect us… I was very disappointed when I read the review about comodo…

Whish the coders look at those reviews and solve all those bugs and close matousec mouth

I have to add my 2 cents here.

Maybe people are forgetting what the job of a firewall is supposed to be. It is there to block or allow ports. Finding processes that are being started by something hidden in the OS is the job of other types of programs such as CAVS, Spysweeper, etc…

They do tests on firewalls that are meant to be stopped by other parts of the suite. How is something that was built to screen ports supposed to stop running processes that have nothing to do with ports screening. If the firewall gets disabled from a virus then I have another program that didn’t do it’s job in my eyes.

Looks like they are testing more than just the basic functions of a firewall. If something gets in your computer then it is because one of the other programs didn’t do its job and not because the firewall didn’t block the process from starting. Testing for running processes is not the job of a firewall. Screening ports is it’s job.

From what I have seen they test malware and viruses with the firewall as the only defense then they try and sell it as not secure. What if the Internet Suite has a program that does catch the stuff they are testing? Their take is that it should be in the firewall and that if it isn’t then it is just a plain ole packet filter to them. Well, duuuh, that is the job of a firewall.

What happens once a packet gets inside the OS and causes damage has nothing to with that packet being allowed thru the firewall. That comes under the heading of anitivirus or HIPS or whatever. Some of those firewalls don’t have HIPS or built-in features to stop the things they tested. That doesn’t make it a bad firewall. What they did do is disable the other features that might have stopped it from happening and then say they are only testing the firewall. I don’t thinks so!

I woud rather see a test of the full security suites of each company and then that would tell you how secure you really are. Go to porn sites or warez sites or use uTorrent( yeah, I know, no pirated or virus infested stuff is ever transferred with those programs) and start downloading .zip or .exe files and installing them. Then you would see how well they really perform their job.

Well, I’m done discussing(actually ranting). (:NRD)

jasper

lol! jasper I was not saying nothing bad of CPF, Im very pleased with it and although it have some bugs, well, its a beta… I was just saying that matousec said any of the firewalls where secure, actually the way they said it looks as if those firewalls where useless.

Hope I make my pint clear, sorry for my ugly english

At least we have the best overall firewall with this result :slight_smile:

That Comodo isn’t perfect I already know, as I already said many times in this forum, and also because nothing is perfect…

I just didn’t like to read this: “The implementation of the security design is very superficial.”

It’s good to see that the incoming v3.0 will be rearchitected, have more protection, but don’t forget the useful features already suggested by users…

Other thing is that seems that you really trust in matousec tests and its evaluation methods, so I think that you will not have any problem to buy the private bugs found by him and its team to improve CFP, right?

Sorry fedex-bermu I wasn’t slamming you at all. I removed the quote as I forgot to do that before saving the post. I was actually questioning the way they are testing and not your comment. Sorry.

jasper

The only truly secure computer is one that has no power connected to it, no means of human interaction, no input devices, no output devices and is encased in concrete, stuffed into a locked chest and sunk at sea.

If CPF is second best to that, that’ll do me.

There is one disturbing aspects to these posts, if it is true. If (and I repeat IF, as I admit I haven’t checked out the article on the Matousec web site) Matousec is willing to pass on the defects within a firewall for a fee, is there any controlling mechanism on who is buying the defects?

I would be very suprised if Matousec were willing to sell the defect map of an application for a fee.
Who would possibly trust anything published by them after that?

I doubt that it’s true, and would love to hear otherwise.

Ewen :slight_smile:

This is exactly how I understood their site (one can buy their bug analysis per bug pricing).

I don’t know what is more dangerous: full open closure immediately to everybody (including exploiters & hackers) or using a mechanism to prevent people from accessing the exploit details (on time, money or identity basis).

Regardless of what one thinks about their approach to sell the details, I think they should change their motto which now stands “Transparent Security”.

If they really mean that, they’d give the data away transparently.

Now it’s more like “Semi-transparent security” :slight_smile:

I read the review and i thought it was an excellent and fair review. I don’t like it when people automatically bash a site that states some negative things about the product. Comodo is still one of the best but does need improvements which the review stated. I hope the owner pays attention to that review and improves on all the negative points and bugs. From what I can see, Melih is on the right track. I can only look forward to the next version, which is 3 I believe. (B)

I agree with Sonny.
it is a fair review and we will improve as nothing is perfect.

Melih

Like you said Melih, all you can do is improve on your product. No product can be perfect since everything is always improved with technology and that means more exploits and new ways to hack. All we can ask as consumers is having someone dedicated with providing the best security firewall. The advantage I think Melih and Comodo have over others is that the product is free and wants to be the best. The reason I say that is because when products are competing for your dollar, they will try very hard to cover any holes by being in self denial or covering up. That’s why I wouldn’t be surprised if Melih wants to know all the holes and improvements that needs to made to his firewall. Comodo will become the people’s firewall, lol. So I would think everyone would want to find and hear about all the security holes/bug/improvements needed, because it is us who are the winners at the end.

Yeah, I think we all agree to that, we all want the firewall to be better, and if there is nothing to improve, the coders just drink coffee and play tetris all day long, and I think that could be boring :wink:

(V)

Please understand that I wasn’t hammering their review per. se., only the fact that they are apparently prepared to sell an applications defect map to anyone. The guys at Matousec are very, very clever at what they do, and I couldn’t argue with any of their findings, just at how they choose to handle the commercial side of their discoveries and findings.

Cheers,
Ewen :slight_smile:

i just have one thing to say to the people who make cpf.
i would like to see constant updates to the firewall.
like everything else is updated so should the firewall.
i mean not full versions or beta version all of the time.
regular updates deffinitions.
that would solve alot of problem with bugs and security holes with the program.
also the updates would bring in new versions aswell insted of deleteing the version we have then downloading and installing the new one.