Wonder if Comodo can withstand such an attack and protect its users? (not asking if a single computer with CF could withstand…)
So what are you asking more specifically? The forum? Main website? DNS servers?
Comodo servers. If servers get hacked, can’t users get hacked too via their Comodo programs, for example? I read that Google could easily overcome such an attack, so I just got interested if the security suite I use can too…
DDoS (Distributed Denial of Service) is not the same as hacking; DDoS is simply overflowing the target with bogus data so legitimate data doesn’t get through or gets slowed down significantly (might be a tad oversimplified). During a DDoS attack against Comodo servers, “protecting their users” would be irrelevant since there’s nothing to protect them from; rather, Comodo would be more interested in protecting themselves from going offline.
Edit: If Comodo were to be targeted by a DDoS attack, then the worst-case scenario for you as a user is no antivirus definition updates as well as no cloud lookup. That’s not as bad as it sounds, since unknown malware would still be sandboxed (in the case of CIS and default settings).
If you yourself were to be targeted by a DDoS attack then there’s nothing a local program on your computer can really do…
Well, I of course agree with you that Comodo itself would be the main target rather than its users. I’m just randomly reading websites, and some say DDoS can also be used to install malware and steal data, e.g. this article: http://www.itbusinessedge.com/blogs/data-security/ddos-attacks-download-malware-steal-data-according-to-new-studies.html
I just imagined that if someone got their hands on remote control of an antivirus server and sent malware via a definitions update, it would be “fun”.
Anyway, hope ProtonMail will overcome this accident soon.
From what I can read, they’ve found a correlation, but that does not equal a causation. It’s not the DDoS itself that infects targets; it’s more likely to be there to distract the target while the intrusion is taking place, giving them more time to complete their goals. Of course, that kind of DDoS would be smaller than one designed to take servers down, since if the target goes down then the infiltration, which is their main goal in such a situation, may fail.
But let’s entertain the thought that Comodo servers were to be infiltrated. To send out malware via definitions, the attackers would first need a payload to send, and secondly that payload would probably need to be in the right format for the program on the users’ computers to even install it in the first place (maybe even requiring them to be digitally signed by Comodo, but I don’t know about that). Then they’d have to figure out how to actually send this out to users. I’m sure Comodo has some proprietary software to do that, and so they’d have to learn that in the time window they have to fulfill their attack. Beyond that, the software may require an authentication code or password to send out those updates, in which case they’d probably be found out before they’ve gotten those. But do note that all of the above is just hypothesis and guesses; maybe the servers have clear-text instructions on the desktop of how to do all of that… who knows? I don’t. I personally don’t believe such an attack is likely; if tried, then probabilities of success are probably low (again, can only guess). I’d be more worried about the data stolen from those servers…