There have been too many serious problems lately. First, regardless of what anybody proclaims, Comodo fails at protecting users from the gpcode sufficiently, relying on either manually sanboxing it after adding certain directories to Protected Files and Folders, or by relying on the AV engine which required a signature which means that users had to be infected first.
Second, the latest update does not fix the gpcode issue instead creates even more problems.
The update cripples the internet connections when the ARP cache protection is enabled. Inexcusable…isn’t this software tested before it’s released?
I hope things get better, I am a long time user of Comodo and I don’t want to see Comodo slip up any more and get a bad reputation. I’m sure none of us do. (:SAD)
Hi Aweir. I do agree CIS isn’t without some recent problems, and I certainly would dislike seeing Comodo get a bad reputation from some imperfections. Remembering nothing in this world is perfect, that is why their is always room to improve. Programs can never be tested in all scenarios or on all systems as each and everyone is different. While it is sad to see this update fail in quite a number of situations, I think it is still a credit to Comodo to pick up on this on the day of release and suspend the update until the bugs are resolved. To Aweir I am sure your support is greatly appreciated, and I hope these problems won’t stop you using CIS. All the best to you Aweir and good luck to Comodo for your planned bug fix release Monday, I hope all goes to plan.
Well… McAfee crashed thousands of computers after update that deleted critical OS files…
Kaspersky hosted malware on it’s web site for 2 hours…
Also this
I did not notice Comodo causing any damage to users…
Latest update did have a connectivity glitch, but there is a workaround and a patch is underway…
No need to cause alarm/distress… As for gpcode… Chances are an ordinary user would have very small chances of catching it… They don’t go to malwaredomainlist or malc0de or malwarebytes forum… that often…
Gpcode and this bug are two vastly different phenomenons.
The problem with the ARP protection is unfortunate but can be worked around. One could argue it should not have slipped through QA cracks. As a silver lining I see that egemen is vigilant as always around new releases to pick up bugs and providing an update in timely fashion; usually in less than a week after release.
Regarding Gpcode. Comodo is working on a new layer of prevention that will protect user data in general to protect from Gpcode and alikes. In the mean time there is enough detection around to keep the users of Comodo safe from harm by Gpcode:
After installing 5.4 on my windows 7 64 bit computer with nothing other than Comodo being new it crash my system in a few hours. I’ve since gone back to 5.3 with no problems of any kind.
Please consider filing a bug report in the Bug Reports - CIS board following the format as described in FORMAT & GUIDE - just COPY/PASTE it! and attach the dump file to your report. That will help Comodo greatly.
The crash happen yesterday and my system gets rid of dump files when I restart my computer so I am sorry I can’t send any useful report now but try to keep an eye out for others having this problem.
Follow this tutorial to get to the Start up and Recovery options dialogue box and then set Windows to “Write an event to the system log” and "Small memory dump (128 MB). See attached image for reference.
I Disagree I know every company has bugs I bet if I researched it I could not find a company that has had some bugs that is a company making this type of software and I do not know a company that has a quicker turn around time then Comodo when they do have a bug which ALL Companies are going to have plain and simple I know companies that have many more bugs then Comodo has like Norton, McAfee too name just a couple off the top of my head So with taking All of this in to consideration I think they do very well!
I agree! Have you seen the 1,000’s and 1,000’s of complaints concerning the recent Win 7 SP1 update? Besides the seemingly endless number of people who simply couldn’t install it there were even more complaints from those who manage to succeed! I have been waiting on a resolution to the Win 7 SP1 ‘USB Bug’ that prevents correct USB driver installation since Feburary 23rd and hopefully MS will include KB2529073 in the next round of Windows updates, if not I will continue to wait and see if my computer ever gets SP1 installed without creating enough problems to make it not worthwhile to install.
By comparison I think Comodo is doing fairly well at least they care enough about their end users to develop and get a fix out for the ‘ARP bug’ in just a few days. Thanks Comodo!
There is another issue which is not resolved even in this new version of CIS: the problem of no control the files by their hash. The file is only checked by the path and its name, not its hash as well. So if a malware is able to replace a trusted file that malware can do anything, no reaction of CIS. It is obvious idea to control hash of files, but how many version of CIS should we wait for it?
CIS recognizes files by their file hash. This is why file types that change constantly are perpetually unrecognized. Because each time they run, CIS sees them as a new file.
Firefox as an example, when updated is not recognized as a new file by CIS, and is treated as changed one by Online Armor. Well ,Firefox is known and trusted app, that is the reason probably.
But I made another exercise. Akelpad is a small and nice text editor, unknown by CIS. First run I receive pop-up, I press Allow and remember my decision. Next run it starts without any reaction from CIS, OK. Next app is MyUninstaller by NirSoft. First start I get pop-up and I doesn’t allow it to run. Now I copy to the directory of Akelpad the exe file of MyUninstaller and rename it to Akelpad.exe. So now it is Akelpad – known and trusted app, and I run this MyUninstaller without any pop-up from CIS. This is my question: CIS only remember if a file is trusted or not by taking into account file’s name and path. I think it is big issue.
CIS only remember if a file is trusted or not by taking into account file's name and path. I think it is big issue.
How So? If the file hasn’t changed then there is no security risk; if you have a computer and CIS Has the hash of every single executable that you have on your machine, and a new file comes into your computer you’ll be alerted unless that hash is already recognized as safe by the global whitelist or your local whitelist… It’s actually more secure this way instead of just relying on the FileName
Reason i say that is because
1, They give a Darn Top Notch Internet Security for Free! (Find a company that does that and does well as CIS
2, You can ask or talk with the CEO, The Head Developers, and The Developers, and Professionals around the world without paying a dime
3, It’s only been what 3Years since CIS Was Born? and It’s advanced this far ahead of the game? and was number 1 Free Internet Security for how long?..
4, CIS is Just a Child (not a infant no more)… Let it grow up, and only way to do that is us users to make it better and report such errors in it, Comodo Internet Security Isn’t Comodo’s Main focus, They Primarily deal with Verification Technology (SSL/Email Cert/Code Sign/etc etc)
As EricJH stated the gpcode isn’t a issue,
Regards to 3.4 I think they should made it beta before releasing due to ARP Cache bug and Localization Bugs but They didn’t know until a user said something, then what do you know? An Head Developer Got On It and Will be fixed by Monday… thats about 4 Days? from the time a user report to the time a fix will be released…
So,
1; GpCode isn’t a issue
2; Crippled? Oh You mean Paused updates because of the ARP Cache Bug…
3; We’ll see what happens in the next version of CIS
I described you my experiments: if another file has the same full path as a whitelisted one this another file treated as trusted as well. This was discussed before in Russian part of Comodo forum. And I read somewhere that in early versions Comodo checked hash of files, but not in modern versions.
Sorry for such questions, I like CIS, but it has unfortunately some issues.
