When someone installs a firewall, there is an expectation of a certain behavior. The default behavior of a firewall is not to let anything out without the user’s permission. This has not been the case with Comodo. I’m a little disappointed because there appears to be a disturbing trend that worsens with each major release.
Version 2.x, personally, I thought was the best release as far as handling rules and operations. It was tight and uncompromising with security. It did have its bugs - it was version 2 after all, but the functionality, layout and default settings were unparalleled by any other release. This particular release really was forged for technical users. Other people complained that it was too difficult to work with and Comodo couldn’t capture that many new users.
So with version alpha & v1.x, Comodo probably was thinking (I wasn’t around for this release) let’s see what we are made of and the infancy stages of development began. They liked what they saw and decided to push it to the extreme and v2.x came out. Technical users loved this release because for the first time, they had true control over their system and Comodo was becoming well-known. Due to the publicity, many new users were drawn to their site and tens of thousands of downloads happened. Then the unexpected happened… many uninstalled. Comodo realized something at this point: they became too technical for the average user, so they compromised by lessening security rules. After all, several users complained that they wanted to “set-it and forget-it”. They didn’t want to take the time to learn anything.
Those who loved v2.x downloaded v3.x with much anticipation… but were unaware of how much Comodo compromised their security to make the release more dummy-ized. I installed the new version on 3 highly-customized dual-boot systems and found out that several apps updated automatically because of this new “white-list”. I was so angry that Comodo didn’t give an option during install to turn this list off. Or at least warn users that their security was compromised and let them know that they can fix it by setting the firewall to “Custom Policy Mode”. Fortunately, I had Ghost images of all the drives and it only took 7-8 hours to fix instead of 17 hours per OS. I never said anything because I figured others would complain who were in the same boat as me. I let it go, thinking they wouldn’t do something like that again.
Then version 4x came out. Even though I figured Comodo wouldn’t compromise users again, I have trouble trusting once bitten. So I disconnected the net and uninstalled all the old versions and updated to 4x. Changed all the firewalls to “Custom Policy Mode” (just in case) because I don’t want anything getting out without my permission - plugged everything back in and was happy with that.
A few days passed and once again… software got out without my knowledge or permission. I can’t begin to tell you how disappointed I am. This time I don’t have a Ghost image and I have to rebuild 6 highly-customized OSes from scratch (over 100 hours of work - a little ticked) all because of this “Network Security Policy” rule: ALL APPLICATIONS - Protocol: IP, ALLOW. (That includes spyware, you know, and who knows what else.)
That’s why I’m disappointed. Each release is more lackadaisical than the last. Now not only do I need to remember to change the firewall to ‘Custom Policy Mode’, I now have to remember to dig through and find the ALL APPS rule to delete it. The “set-it and forget-it” thinking is outdated. We just don’t live in that kind of world anymore - the black-hats are too aggressive.
Comodo, if you are going to intentionally loosen security on your users, please let us know and offer an option to undo what you did during installation. Better yet, raise your standard back up and assume nothing is OK to go out. For all outbound communications, disable the white-list by default and offer an option to enable it during installation under advanced settings only. This way, newbies don’t know about it right away and seasoned users don’t have to be scrambling around fixing, disabling and rebuilding things every time a new major release is out. The idea is, hopefully newbies will learn about the ramifications of enabling this setting and can make an informed decision on whether or not they should.
The motto should be - when in doubt, block it - not let it out.