keylogger can bypass comodo 7 beta [video] :(

sd_ahmad · January 30, 2014, 6:20pm

hi

Product version: COMODO Internet Security 7.0.308911.4080 BETA
2.Operating System:xp3 (x32) runing by VMware Player
3.Configuration: Default IS configuration
Skipped Comodo by key logger
link video
http://www.gulfup.com/?iGUZTh

Chiron494 · January 30, 2014, 6:29pm

Actually, it is intentional that keylogging such as that is allowed. Keylogging programs which are not hidden in the background are allowed. I believe this is meant to allow many programs which require access to the keyboard, such as unrecognized text programs, to function correctly. I believe you will find that as you increase the level of the Behavioral Blocker the keylogger will eventually either not be able to run, or if it is able to run it will not be able to log keys.

Thus, as this is intentional, although it may not be a choice of defaults which I entirely agree with, I will move this back to the main Beta forum for discussion. This is not a bug.

Thank you.

sd_ahmad · January 30, 2014, 6:48pm

But the default mode will send information to the hacker because the firewall allows any application to contact

Chiron494 · January 30, 2014, 9:48pm

I absolutely agree with you about this danger. Therefore, that’s why I think it’s very important that Comodo at least change their defaults such that by default unknown apps cannot connect to the internet, hence the importance of the wish here:
https://forums.comodo.com/format-verified-wishes-beta-board-cis/by-default-unknown-apps-should-not-be-allowed-to-connect-to-internet-808-t101403.0.html

sd_ahmad · January 31, 2014, 12:31am

Is it possible that the company Comodo agree with this suggestion

Chiron494 · January 31, 2014, 12:36am

I would advise adding to poll to your wish (if you are not able to do that, you may ask and I can set it up for you). You can then create a post in the release topic and ask people to vote for it if they like your wish.

rejzor · January 31, 2014, 7:37am

Keyloggers fall into PUP (Potentially Unwanted Programs) section. Should be detected but aren’t necessarily bad. But they can be misused…

sd_ahmad · January 31, 2014, 11:10am

??? keylogger very dangerous can transmit all your bank accounts, passwords and other

rejzor · January 31, 2014, 1:23pm

You’re mixing commercial keyloggers and malicious keyloggers. The first ones are like the name suggests commercially available to consumers in a legit way, dedicated to for example monitoring of what kids do on the internet, what and to who they type etc. Malicious ones are what you describe. Two very different things. The first one is under users control and logs locally. Malicious is not and transmits sensitive data to 3rd party without any user consent or control.

spywar · January 31, 2014, 7:37pm

Here is a fresh malicious keylogger

As you can see it’s well covered, and most of them (like malware) are.
Commercials ones are as RejZor told us, considered as PUP (AppUnwnt with Comodo).

ad18 · January 31, 2014, 7:49pm

For many users I think all keyloggers are unwanted. There can be some good uses but most are probably not wanted by users.

siketa · January 31, 2014, 8:25pm

TypingTutor-like utilities are example of white apps…

sd_ahmad · January 31, 2014, 9:42pm

+1