Hello:
I have Comodo Internet Security (CIS) 2024 beta installed on my computer. Usually I do not enable CIS cloud analysis function. But I accidentally found that CIS was uploading abnormally today. I sent feedback to Comodo’s official email address, but my email went unanswered. So I’ve come to you for help. Please help me analyze it and answer my questions:
Is there any bug that will cause CIS to upload files in the background even if the “File Rating” function is disabled?
Is there a bug that causes no upload record in the “Submitted Files” list after CIS uploads files?
What exactly causes the abnormal upload? Does it really steal documents?
Because there are relatively confidential files on my computer, I am very concerned about these issues.
Please help. Thank you.
This is the cloud link to the installation package (please note that I have updated the software after installation, so you should analyze the beta version of the installation package and the latest version once)
CIS does not steal documents. Any files that are sent to the cloud are not document files and with the File Rating Cloud options disabled, you’d have to manually upload them for analysis. Do you see any of your sensitive files in the File Rating List?
I can no longer confirm if I am seeing sensitive files in the file ratings list, as at the time I uninstalled the beta of CIS after the shock. But judging by the level of shock I got, it’s quite possible that it is. This may be a beta bug, and I hope you can troubleshoot it. Also, I’d like to ask what file extensions are automatically uploaded by the File Rating feature of CIS? Because I have images, csv tables, databases, and other sensitive files on my computer in addition to documents.I need to know the exact types of file extensions that CIS automatically uploads.
Only executables and .dat filesas far as I am aware but @ilgaz can confirm.
You need to use the official installer version from the forum. The version via the link you provided is NOT the Final Beta version. Instead it relates to 12.3.0.8088. The Current Beta version is 12.3.2.8124
@ilgaz Can you answer these two questions for me—— Is there a bug in versions 12.3.0.8088 to 12.3.2.8124 of Comodo 2024 beta that could cause accidental uploading of privacy files? Under normal circumstances, what suffix files will comodo upload?I have been waiting for the answers to these two questions for three days now
hi @LindaHerbert5735, any unknown PE file is being uploaded to our File Rating system unless you define a specific rule not to do so, or completely disable File rating.
.exe
.dll
.mui
.js
.apk
.EXE
.ps1
.DLL
.ttf
.TTF
.sys
.fon
.tmp
.winmd
.bat
.pyd
.vbs
.trace
.ttc
.py
.mun
.log
.scr
.com
.qmlc
.ax
.cpl
.node
.dat
.tlb
Above are the file types that we collect and check whether they are PE or not. If found as PE, then we analyze. If file rating is already disabled, as @EricCryptid mentioned above, you will need to manually upload the files for analysis.
As for your first question to understand whether there is a bug or not - we need more information (CIS logs) to further analyze and validate, then apply fix if a bug is identified.
Also, I would like to ask about few things:
1-
How did you determine this?
2-
Could you please share the email address that you used to send feedback?
@ilgaz
Thank you for your reply. Sorry, I am unable to provide the running logs as I have uninstalled the cis 2024 beta and switched it back to the regular version after being frightened. I suggest that you directly review the source code for versions 12.3.0.8088 to 12.3.2.8124. I can provide you with installation packages: EXTERNAL LINKS REMOVED BY MODERATOR
I can answer your question:
Because I remember uploading files that seemed to come from my desktop, and there were no files with the suffix names listed above on my desktop.
My private email is currently not available for public access to everyone here.But I can tell you that I sent it to cisquestions@comodo.com The themes of the two emails are"
I need help from comodo’s official developers" and “Feedback on two questions about comodo internet security (cis)”. You can look for it in your email system.
I suggest you directly review the installation package I provided. My public email is LindaHerbert5735@outlook.com . You can inform me of the investigation results through this email.
Please refrain from renaming and then uploading the installer to the cloud. If you simply state state it’s in relation to the current Beta we can be sure you haven’t altered the file in any way. I’ve removed your links a few times now.
You need to provide detailed evidence of your claim.
If you, yourself uploaded files from your desktop where did you send them to? I have tried every single Beta of CF / CIS / CAV since version 3.14 many years ago and even with me having multiple files on my desktop, none of them have ever been uploaded by Comodo.
What other security software do you have installed on your machine? If using a VPN client, which client do you use?
I’ve removed your Cloud Links sourced from China Apple Cloud Servers. Please only use official installers from the Comodo Forum.
As mentioned above, I have uninstalled the beta version of the software so I can’t give evidence, I am only Posting this to let comodo officials troubleshoot the problem.
I uploaded the cloud link only for the official personnel to check the version number. I’m sorry to make you feel uncomfortable, and I apologize to you again. I will not continue to upload cloud links.
I’m not intentionally looking for trouble.I’ve been worried about my private files for a few days now and it’s causing me sleepless nights. I just need comodo’s official staff to assure me that “every version of CIS 2024 beta from 12.3.0.8088 to 12.3.2.8124 is free of bugs that can cause accidental uploads of private files” before I can continue to use comodo. As I said earlier, I can’t confirm for myself if it was uploaded or not, I’m just very concerned. @ilgaz , can you give me that assurance? (If you’re not sure, you can go ahead and check before replying to me)
@ilgaz Can you ensure that all versions of CIS 2024 BETA, ranging from 12.3.0.8088 to 12.3.2.8124, are free of bugs that result in confidential files being leaked?
If this can reassure you: I have a “Documents” folder with several hundred MB of Documents and Comodo’s connections have never reached the volume of my documents.
That would be the case if it transmitted everything…
I’ve backed up a few documents with Winrar to make a self-unpacking file in *.exe format.
I imagine that this file has been sent to Comodo.
So I have the following questions:
How long does it take for transmitted files to be automatically and reliably destroyed once they arrive at Comodo?
Are the staff who are authorized to analyze the files “by hand” subject to confidentiality clauses that prevent them from disclosing or passing on personal information, including to their colleagues or superiors? (apart from what is against the law, of course).
If I had encoded (encrypted) the *.exe files created by Winrar, would Comodo be able to decrypt the files? I imagine it would, otherwise investigations would be less relevant or numerous.
To sum up: I will never again compress personal documents in *.exe format.
(The fault is mine alone)
@ilgaz We need answers and commitments.
I just need comodo’s official staff to assure me that “every version of CIS 2024 beta from 12.3.0.8088 to 12.3.2.8124 is free of bugs that can cause accidental uploads of private files”
I know Comodo doesn’t normally upload files other than executables, but I need to get rid of the beta bugs in order to sleep peacefully.
All you have to do is tell me if there really is a bug in the beta that could cause confidential files to leak.Then please answer the question from @Varan-de-C0m0d0.
