[Merged]CIS Auto Submitted Confidential PDF Files to Comodo[Fixed in Build 1236]

I find private PDF documents were automatically submitted back to Comodo by CIS 5.X. I think that is a critical issue for CIS as it hurts user privacy and user’s confidential pdf files may leaks out to the public if there are any human or system mishandling of the pdf files auto submitted. I also don’t want any Comodo’s staff able to view my confidential documents too.

I try to avoid openly discuss this issue in the forum and PM to Melih about this issue in Jan. Melih seems to agree that this is a critical issue and replied that they are in the middle of their investigation on scenerios where this might happen and fix it immediately.

However, I find the latest discussion related to the problem still saying that “this is the designed behaviour” and EricJH just ask me to make a wish in Wishlist.

The reply from EricJH is totally different from Melih and it seems that I cannot avoid openly discuss it anymore. I hope there could be some formal reply from Comodo if the development team are going to fix this critical privacy issue or not.

PM to Melih
Dear Melih,

I find private PDF documents were automatically submitted back to Comodo by CIS 5.X. I have search the forum and find no similar post except the one below;
http://forums.Comodo.com/defense-sandbox-help-cis/stopping-sandboxing-of-pdf-files-t66345.0.html.

The above post seems not been look into seriously as it does not point out the critical privacy problem - PDF files in a USB drive that being treated as unrecongized files are automatically submitted back to Comodo. I just find this out in a notebook I manage and the user’s financial statements and confidential company document have been automatically submitted to Comodo. I have also tried this out in a VM with configuration below and CIS do submit the pdf file too.

WinXP SP3
Comodo Firewall only with D+ Version 5.3
Adobe Acrobat Reader X
Opened a pdf file in a usb drive by double clicking it in explorer.

I do not openly discuss this in the forum because I think this is a very serious problem. I afraid Comodo will be attacked by competitors once they discover this. I also afraid that the documents may be viewed by your personnel and be disclosed.

I don’t know if you aware of this critical privacy issue. I hope your team can fix this problem asap and please also ensure that any pdf documents uploaded will be distroyed and will not be disclosed.

Best regards

Jonathan

Reply from Melih
hi Jonathan
we take our users privacy very seriously. We are in the middle of our investigation on scenerios where this might happen and fix it immediately.

Melih

Latest discussion
http://forums.Comodo.com/defense-sandbox-help-cis/every-pdf-now-causes-2-popups-t68895.0.html

Yes, any PDF which you open in a pen drive will be automatically sandboxed and submitted to Comodo.

What the ****? This really scares me before I moves to the CIS world :embarassed:
These are more than secure. Not just about privacy issues, but this would slow down my already-slow-and-unstable 1Mb broadband.

If you do not want anything submitted to the cloud to be checked just untick the two boxes in Defense+
Screenshot to show.

Dennis

[attachment deleted by admin]

I have had many pdf’s in my computer and any of them has been send to CIS, under what conditions a pdf is send to the cloud?

this is about pdf files and the problems

http://www.computerworld.com/s/article/9176117/PDF_exploits_explode_continue_climb_in_2010?taxonomyId=17/Newest_Adobe_zero_day_PDF_exploit_scary_says_researcher

It’s been a big problem. Next to Internet Explorer, malware writers have been targeting .pdf files. Mainly

Title has been changed

If you put the PDF files in a pen drive and try to open them from the pen drive itself, they will be automatically sandboxed and submitted to Comodo.

Me I have no porblems that .exe files are automatically submitted to Comodo but not my private PDF!!

This is a major problem about submitting private and confidential files to Comodo when using the Comodo Cloud, and I’ve had mine cloud disable I would like to used it but I’m very concern about privacy.

I beg your pardon , Jay :o

What in Hell (excuse my French) that has to do with “Next to Internet Explorer”… and the link provided?
Who in this Universe doesn’t know about <>.PDFs vulnerabilities ?
That is why <>.PDFs and <litle&soft>.DOCs (another one) are not even allowed to be sent as an attachments in most of the forums … that’s understandable and is a different issue

The privacy is a concern

My regards

p.s. let’s not start about similar and even more privacy problems with DACS … Please do not mix it with alleged legal issues re: P2P nods, but the privacy of the files being sent (almost !ot! but has to be mentioned in the context)

Jay,
I changed back the title as your change just undermind the critical privacy issue of the problem. The title should pin point the cirtical subject in the thread. If you think the title is too scaring, it just reflect how serious is the problem and the development team should fix the problem asap instead of changing the title of this thread.

I’m very concren that there is no formal reply from the development team. If Comodo is not going to fix this, CIS users should be well inform of this privacy issue in using the cloud features.

What in Hell (excuse my French) that has to do with "Next to Internet Explorer"... and the link provided?
Until adobe created a sandbox(the newest versions have it) It was favorite target especially with exploit kits.
The privacy is a concern
Of course it's a concerned, I believe it being looked into, (I'll find that post and post it here later) I believe the main issue is that comodo is intreasted in is the java script part of the .pdf file
I changed back the title as your change just undermind the critical privacy issue of the problem.
I'll let this one slide >:-D

I’m going to move it to the “Bug Section” because this is a issue that needs to be looked into by the developers.

This is one weird reply
… together with changing a subject line and moving “to bugs section” ???

Am I loosing it ? No!

Again we do know about Adobe / MS and the vulnerabilities of their documents

Who cares about Adobe own sandboxing or any other method they may or may not find in order to fight that?

The question was not about that it was rather about … Oh ! please just read it again please

My regards

Please do not move it to bug section unless it is confirmed that development team treat it as a bug and are going to fix the issue.

Is it a bug or a designed behaviour?
We need the formal position of Comodo?

(Please be noted that actions will be differents according to the positon of Comodo
If Comodo treat this as a bug then I can wait for the fix;
If Comodo consider this as a designed behaviour, it is better to initiate a poll to collect user feedback on the issue that whether CIS should auto submit pdf files in usb drive.)

Who cares about Adobe own sandboxing or any other method they may or may not find in order to fight that?

The question was not about that it was rather about … Oh ! please just read it again please


LOL, I think that goes on the same line as Kaspersky with it’s ad blocker

Again we do know about Adobe / MS and the vulnerabilities of their documents
Me and You know that, but I don't think the average person does. Nor do I think the average person takes the time to keep up with the newest vulnerabilities

This is a serious bug issue and it does need to be fixed, right (Isn’t that what the topic is concerning) If this isn’t a serious issue, then I don’t know what is
From what I’m told it’s not a bug issue

About 11 posts above this one, has a solution for you

Dennis2 Global Moderator
Just follow what he wrote

No LOL , excuse me
Are we bringing Kaspersky into this discussion as well? What else ?
Again… who cares!

It seems like you are not willing to understand!

Please do not throw me “11 posts above”. Usually I do read all threads thoroughly.

I do understand what Denniss said … and that is not a solution neither for “ordinary” nor for experienced user

Completely disabling cloud , “shmoud” and many other wrongly implemented ■■■■ - most likely that is a solution :-La

Try to explain that to all categories of users … “ordinary” ; “not experienced at all” ; “very experienced” ; etc .

My regards

IMHO, and this is purely my opinion as a user - not as a mod, uploading PDFs without explicit consent from the user is wrong.

CIS cannot determine the nature or the intent of the user generated content within the PDF and therefore cannot determine if the contents are or should be treated as confidential.

Maybe CIS should have a second alert prior to sending a users PDF’s out into the big wide beyond.

Until something liek this is introduced, I will be turning the cloud based analysis OFF and will be recommending that all my clients (that use or generate PDFs) do the same.

Sorry, Comodo, but this is a fail.

Ewen :slight_smile:

Very wise and correct opinion, Ewen and “this is a fail” indeed

That is what users were concerned about & that’s what I was trying to convey to no avail at this point, since Jay is kinda pushing it into completely wrong direction

Actually not only <>.PDFs are involved but basically any type of files

In addition that’s a big issue as well for another area, mentioned above

Cheers!

I can understand sandboxing pdf’s for safety purposes, but submitting them to be analyzed is too much of a privacy concern.

How about if they automatically sandboxed pdf’s, but they didn’t submit them. I think that’s the best (and easiest) solution.

Yes this would be fine for most users I think. However Comodo will not receive malicious PDFs from users then and the cloud BB also will not work, but this is the only way.

Regards

Hi ComoJust,

Since the privacy is a concern Comodo’s cloud or whatever doesn’t matter
In addition , despite that is !ot! - there is no such thing as “cloud BB” - that was discussed in other threads. There is an attempt of having some kinda “behavioral analyzer (CIMA) with all its weaknesses.
Therefore, there are other set of discussions about existing promise and the necessity of having local BB.

Cheers!