KCeasy, µTorrent + Comodo "transparency"(?)

Hi Guys,
Can anybody explain Comodo’s behaviour with these two: KCeasy & µTorrent.
1. KCeasy
I posted my Q to

more than a week ago. The thread has a good tutorial for setting KCesay rules but probably I was wrong about asking “unrelated” questions.
I don’t want to repost whole lot here. Briefly – after KCeasy installation I did not set any rules, did not forward any port. Started KCeasy. No question asked by Comodo (?).
All networks were opened. Download speed (!!!) – Morpheus Ultra may just dream about it (good bye Morpheus!) …. But I was not expecting such transparency. Why?
2. µTorrent
Rule was set. Port was forwarded. Green light given, everything is perfect.
But because of my bad nature I decided to test “random port” in µTorrent.
After restarting µTorrent I got Red light (fine) ….but download was still going.
Never happened before. To reassure myself I shut down Comodo and switched back to poor XP firewall. Download stopped, which is correct.
Please enlighten me.
Thanks in advance.

First, why is this in the FAQ section???

KCeasy:
In, Comodo/Security/Miscellaneous/
Do not show alerts for the applications certified by Comodo.
Probably checked, Right?
Well then KCeasy must be a trusted app.

u-Torrent:
Comodo Does not have the ability to dynamically open and close ports based on the needs of trusted applications.
Using the random ports feature of u-Torrent does the following.

Disables Uploading - Others cannot connect to you, i.e. download your files.
This hurts the network and your download speeds.

It does not stop you from Downloading from others as that is Network rule #1
Allow all outbound TCP/UDP to Destination/Source any and Port any.
This is where Application rules are used.

The trusted app function in Comodo is confusing when you don’t know it’s there.
I don’t use it myself.

Hi Zoofield,
Thanks a lot for your reply. I was away and in addition gave up on getting any answer. So my delayed response isn’t due to my rudeness.

First, why is this in the FAQ section???
Good point. It shouldn’t be here rather, say, in Help section. In my defence I may say that this section here does not strictly set as FAQ where usually there are Q(s) and solution(s) and “no discussions”. So I was tricked by debates about something like “Stupid question” and added my own stupid Q… They are frequent now… (:WIN)
[b]1)[/b] Do not show alerts for the applications certified by Comodo. Probably checked... [b]2)[/b] The trusted app function in Comodo is confusing
Yes. You are absolutely right. It is a bit confusing. As a matter of fact is it any way to find if an app. belongs to Comodo’s trusted list? Now when I tested staring both KCeasy & uTorrent with checked/unchecked option I do understand that both are certified. The only thing I have yet to get here is Comodo’s logic behind setting port to ANY after asking about app. attempting to communicate through particular port.
Comodo Does not have the ability to dynamically open and close ports based on the needs of trusted applications
I know that. Would be fun though, he! (:LGH) Thanks again Best regards

The answer would be no according to Ewen’s post 1) https://forums.comodo.com/index.php/topic,24.msg24155.html#msg24155

Thanks Soyabeane,
I checked the link you’ve pointed to. First of all I deliberately wrote “find if an app. belongs …” not that I wanna see whole list. The list can be huge – like 1milloin + 69 entries and reading it would bore me to tears.
But Panic’s answer made me panic
He wrote:

1) If [b]WE[/b] can see the list, so can malware, and it could inset itself into the list. The list of approved apps is hidden as a security measure and will not be revealed.
Now, I found this argument it a bit weak. Even showing whole list must not mean that such serious application would keep DB of certified apps. in some kind of, say, text file or any other unencrypted form making it easy for malware to “inset itself into”. I personally never met any drunk programmer who can consider such insecure implementation. The sober programmer may not code this way too. So mainly showing the whole list should not be a problem at all. The ability to perform Search by name and give True/False result would just help. What is a real problem as I see it is how Comodo performs a check in its own hidden list of trusted apps. In my evil experiment I wrote a small app. It communicates with port xxxxx. I compiled it and saved as EvilApp.exe. Actually you can use any app. you have/download etc. I renamed it as uTorrent.exe ([i]certified one [/i] but you can use any other you know) and ran it. [u]No question asked[/u]. If you want to see Comodo’s question about “false utorrent” and xxxxx port you know what to do with that checkbox. It looks like hidden secret list “[b]WE[/b] cannot see” contains just filenames(?!). You see, I intentionally did not name & compile the app. as utorrent leaving internal name different because I was testing Prevx for the same reason. Guess what? The orange Prevx’s window comes up and notifies me about [b]EvilApp(!) [/b] That’s better isn’t it? So basically do I need to “inset” (physically) anything into the list or just show the false ID and bypass?.. Cause, I am in , and talking to outside world, and my app. doesn’t have interface. Forgot how they call those nasties…? (:WIN) I hope you or anybody can prove me wrong. May be I should put this Q in a separate thread? What do you think? Cheers