Well, we’ve got a mucho big problem here. I’ve (and a few friends) who’ve been testing free firewalls, antiviruses, etc, have come across another disturbing thing inside Comodo. 5Yesterday, we found a major flaw with Comodo and Lavasoft, something Lavasoft itself has been aware of, unbeknownst to us, for many months now).
It seems that if downloaders of Comodo’s free personal firewall use the “automatic update” function initially set by the Comodo program, when the Comodo program updates itself, it also sends every bit of info back to Comodo servers about the existing firewall settings. Now this behooves the disturbing question if Comodo is also tracking the actually computer user, DNs, and IP settings, et al, itself, which one can only take their word for. If you want confirmation of this behavior, just right-click on your internet connection, click “status”, and watch what happens when Comodo begins updating. Before the whole updating process is over, your computer will have sent nearly 2-3 times the amounts of bits that you received in the Comodo update. wonder what can be three times as large as the Comodo program itself??? Don’t ask for you may not want to know…
Comodo, what in the hell (excue the language) are you doing? No other free firewall does this, nada, not one, but yet we’ve verified it is happening with you (unsolicited and unpapproved feedback without user knowledge is a massive no-no). Despite our personal love of your program, this morning we notified thru service bulletins several large tech forums about what is going on. Like it or not, a few of those forums are up in arms as other members are now discovering the same thing. Are you aware, Comodo, that a huge backlash is starting.
Waiting for a reply to this blatantly bad practice…
There is nothing naughty going on guys!
we are 100% open.
I will get our dev guys to explain the protocol and data in more detail so that you the Sherlock Holmes`s out there move on to some other new clue
Melih
btw: as the leader of the uprising, and (hopefully) a responsible human being I would have expected you David2007 to first come and ask us for an explanation. If we failed in providing a good explanation then of course go ahead with your uprising, but until then don’t you think it is irresponsible to start badmouthing and creating the “uprising” against CPF, and that’s because the size of the data on an upstream does not match…you can also create an uprising because you don’t like the colour of the CPF, its as valid of a reason as your reason !!!
And, we, as the comodo community, hold you responsible to go and clean up all the uprising you have caused as soon as you have the explanation that our dev guys will provide.
What sort of information do we send? Can you please run a packet sniffer like the one from www.packetyzer.com and paste the dump of complete session here so that we can also see what you are seeing?
Comodo Automatic Updater uses HTTP(port 80) protocol i.e. completely unencrypted traffic. So you will be able to see the contents of the traffic clearly.
Now this behooves the disturbing question if Comodo is also tracking the actually computer user, DNs, and IP settings, et al, itself, which one can only take their word for. If you want confirmation of this behavior, just right-click on your internet connection, click "status", and watch what happens when Comodo begins updating. Before the whole updating process is over, your computer will have sent nearly 2-3 times the amounts of bits that you received in the Comodo update. wonder what can be three times as large as the Comodo program itself??? Don't ask for you may not want to know......
Comodo, what in the hell (excue the language) are you doing? No other free firewall does this, nada, not one, but yet we’ve verified it is happening with you (unsolicited and unpapproved feedback without user knowledge is a massive no-no). Despite our personal love of your program, this morning we notified thru service bulletins several large tech forums about what is going on. Like it or not, a few of those forums are up in arms as other members are now discovering the same thing. Are you aware, Comodo, that a huge backlash is starting.
Waiting for a reply to this blatantly bad practice…
Here is how it works clearly :
1 - If it is Installed for the first time, CPF generates a unique id for your PC and sends this ID along with your email address(if you preferred to provide during the installation) to ACTIVATE. This happens only once and clearly not a privacy breach. This activation process was different in previous versions.
2 - If automatic updates are enabled, CPF periodically checks for updates over HTTP protocol and thats it.
Now, you claim CPF sends private information collected from users computers. Your reasoning about the traffic amount calculation is fallacious in many ways. All you have to do is to run a packet sniffer and watch the traffic. I assume you have done so before posting. When you show us your packet sniffing logs, we will all be able to see what is being sent.
For traffic amount lets talk about the possibilities :
1 - In activity->connections tab, amount of the traffic you see will always be higher than you expected(Ofcourse i assume you are not faimiliar with TCP/IP protocol). If you download a file of say 3 MBs, you will see more than 3MBs in the connections grid. WHY? Because with every packet transferred, has Ethernet header + IP HEADER + TCP(or UDP)HEADER = 14 + 20 + 20 = 44 bytes (minimum) transfered too.
So for every 1514 bytes packet, minimum 44 bytes are used for TCP/IP protocol as headers and other control data.
2 - Why would outgoing traffic size be more than incoming traffic size?We will clearly see when you attach the packet sniffer dump.
Here are some of my guesses :
The same packet may be needed to be transferred more than once because of the failed transmission attempts.
Outgoing IP fragmentation may cause more control data to be transfered.
Anyway, we know what we transfer and what we dont. All you have to do is to use a sniffer and share your sniffer logs with us in this forum publicly(zipped .pcap or cap file).
I always really enjoy complots, so I looked a bit around. Alas, there was not one single forum I could find where this big news was posted. Of course not, because every forum would immediately ask what the sniffer said.
David, I have two tips for you:
It’s a firewall, but it has nothing to do with the firebrigade. So if you post on forums, like you said, you should post on computerforums, so I can read about it and have a nice time reading about big complots for free.
A sniffer is a computerprogram. It has nothing to do with catching a cold. Just to inform you, because you probably don’t know what a sniffer is.
No, don’t thank me, I’m a nice person and always like to explain things, no problem at all.
It seems like every once and a while somebody is starting to say something about spyware or something like that in CPF. In newsgroups the same. But I’ve never seen anything that comes even in the neighborhood of a beginning proof.
When I started using CPF I’ve watched it carefully because of this rumors.
Strange thing is I’ve never seen this nonsense about for example SiteAdvisor, while that program sends every site you visit somewhere. That’s no criticism, that’s the way that program works. It’s just strange it’s mostly Comodo that gets attacked.
By the way: I don’t react very often here anymore, because I switched to Linux, and only run CPF on a virtual XP inside of Linux. With CPF as firewall, what works also wonderful.
I couldn’t have said it better myself, Melih. Despite the good works that people do, you will always find one or more individuals in the crowd that will find fault. In a situation, such as this, it’s best just to play a deaf ear and blind eye to these guys who have nothing better to do in life than find fault with others. It’s time these individuals closed their book of complaints against the Management of the Uninverse and start contributing to life itself. But you, Melih, on-the-other-hand, have the upper-hand to control the situation, re their postings in this forum. I believe you know what I’m talking about. (:WIN)
However, I want our forums to be an open and frank discussion area. David2007 has obviously made a big judgemental error. I am sure he is big of a man to come and accept this. Simply removing his post, even though would be the easiest solution, is not the way I operate. I am more than happy to handle these issues in public and will continue to do so. Everyone must see how we handle every kind of situation so that we gain their trust.
I dont know the OP but many people I know are doing this to find a catch. If CFP were really acting like a spyware, which collects and sends private data, only one person would be enough.
It’s alright with me if people are trying to find a catch in important security apps like a firewall. But I think you should at least have some proof that something is wrong before starting to shout.
In this case it looks to me like what I (and many others) did in my childhood: ringing a bell, running away and hiding, and looking what happened. Big fun of course when somebody got really angry. But I stopped doing this when I was about 12 years old.
In newsgroups it’s getting less, luckily. Now it’s more somebody doesn’t like the interface and things like that, but less about ads and spyware. And interfaces etc. are merely a matter of taste.
But I still don’t understand why it’s almost alone about Comodo when it comes to spyware etc.
McAfee is a commercial firm too. They own SiteAdvisor, so they can collect EVERY site you ever visit. Don’t know if they keep that information, but they can, if they want. And they never say they’re in it for the money, which they certainly are. So if you are afraid about spying…
Comodo is very open about also using CPF as a way to get their brand known and make money that way. Since Comodo is so open about that, I don’t think there’s anything wrong with that. (Well, hmm, in my paradise there’s no money, but I’m probably the last dinosaur on this earth dreaming of such a world :))
So I still don’t understand why it’s almost always Comodo that gets attacked.
I don’t see your picture in the “Meet the Administrators and Moderators” thread. Fair is fair.
That said, I’m most pleased with the performance CPF is providing me with the highest level of protection over an always-on connection, and will continue to remain true to Comodo unless reason is given for me to otherwise question Comodo’s purpose and viability.
