Setting to pass PC Flank Leak test? [Resolved]

You can amend your initial posts title & append [RESOLVED] to it.

I don’t pass the test. Where is the problem?

And what happen? What are you doing? (give us more information how you perform the test)

Double click on pcflankleaktest.exe, start iexplorer, write a phrase, click next and a popup saying the test failed appears… ??? What is wrong???

PC Flank always claims it has succeeded when it manages to pass its message to MSIE. But, MSIE needs to get that message to PC Flank’s web site for its test to succeed. Did you check PC Flanks web site to see if your message string got there or did CPF pop-up & warn you?

Don’t believe me? Simple test. Run the test off-line. Still says it worked right?

Well, when I click to see the string on its site, comodo alerts me with a popup and if I don’t allow, the page doesn’t load. In other words, this test is a “ciofeca”, just as we italian say…a fake in english…

No, I wouldn’t say that. PC Flank is a genuine leaktest & a valid one. It’s just a little optimistic about claiming success.

OK Kail I’ll bite:

Kail, Please include a screen shot of CPF passing the PC Flank leak Test.

Kail, Please help to put an end to the hype (killing the internet connection doesn’t count).

Kail, When will CPF deal with its’ own OLE deficiencies?

Kail, Please be the First to explain.

Kail, I do like CPF.

Kail, Peace Out.

Perhaps you remember this from an earlier post.

<<Hi, I will give you my take as I have others. With OLE automation, an application such as PCFlank test is basing this on communicating with IE. Now, keep in mind, OLE is integrated into windows for applications that cannot\don't have and ability to connect to their server on their own. Not all are bad and many may be needed. IE is not a WEB BASED browser, IE is also integrated into Windows, being a part of. So in fact, when this occurs and PCflank communicates with IE, it's communicating on the OS level, not internet. You would in fact have to disable OLE automation all together. So what PCFlank is saying, because there was communication from two OS based beings, it has failed. Now, I have unhooked my pc altogether, ran the test, still said info was sent. Obviously it wasn't , so , is this a bit misleading?

Please read what it says on the site,

If your text is not shown, you either didn’t take the test, your previous IP address was different from your current one or your firewall successfully prevented the leak of data

This does not state you should see the box stating it passed. I have emailed them a couple of times waiting for a reply on how they consider a firewall leaky when PCflank uses a natural OLE automation that any application can use, no word back and it’s been quite some time, hmmm. When I get info, I am making a post for others to read.

I wonder, when I click on the IE icon, that is communication with the browser telling it to open. Is this a leak as well?

I understand your thoughts on this and very good questions Wink but just something to keep in mind and perhaps this issue will get ironed out soon, many have wondered the same.

Take care,

Paul>>

Your reply…

<<comicfan2000,

Thanks for explanation. I understand. I don’t think the test will be changed when there are now 2 firewalls that pass with a drip-less faucet. This is where it becomes difficult to understand. You have pointed out, quite correctly, three scenarios of test results. There is a fourth, which is a flat out pass.

I agree that Comodo does not pass text info to the webpage. Therefore, it should be conclude that it passed the test. To remove all doubts and confusion among users who compare differences in various firewalls, Comodo should achieved a drip-less faucet. It would take all needed explanations off the table and become a nonissue.

We both agree that Comodo successfully prevented the leak of data. It’s just that there will always be needed explanations as to why it doesn’t show it like “X firewall” does.>>

Ok based on this, it’s simple to answer your question. There are more than one method to stopping an application from sending to the internet. One, stopping OLE , which I don’t like since some applications need this, 2, preventing it at the browser access level, which is what CPF does but not defined by PCflank.
I quote once again from the site…<<<If your text is not shown, you either didn’t take the test, your previous IP address was different from your current one or your firewall successfully prevented the leak of data>>> It doesn’t specify you having to see a faucet. This is why I don’t like PCflank testing.

I hope this helps a bit anyway, back to coffee…

Paul

Thank You comicfan2000,

What? Lets be friends.

I appreciate your response but I do not think it was necessary nor appropriate for you to respond for someone else. It is never a good idea. However, since you did, I would appreciate your candor regarding any or all of the concerns that I have brought up while waiting for a response from Kail. I hope you are not offended. None of some users’ concerns are new or unknown issues. These concerns are being actively addressed by COMODO but I may have mistakenly understood.

Peace

Peace and what exactly was it you quoted?

Peace out - I assumed we all wanted the same protection.

Well, no offense taken but allow me this…the forums are open to whoever wants to respond. This is the way it’s set up and there are no rules on who can or cannot respond regardless if someone thinks otherwise. <unless Dean Kelly of course ;)> I say this because there is no hushing users up in the forum and just want to state this so you or others know as well. While courtesy needs place here, I agree but it’s not always going to happen.<And no, I don’t assume you meant this but felt a good time to say such in this particular event.>

That said, I was not responding for anyone, I responded in hopes that this would refresh your memory and answer your question, it had nothing to do with Kail, he’s a big boy and can handle his own without my need to jump in. I was not even taking sides or anything of the sort. As a moderator, if I see a question, I answer it or help, this is what I do.

I am not offended either and like I stated, I remembered our conversation and thought it would be helpful to bring this back into light is all. I am sorry you took it as you did but rest assured, I wasn’t taking sides or coming to anyone’s rescue here. Just trying to answer a question. So no harm done, I am not offended, I have a mother in law and I am becoming immune rather quickly. :wink:

Paul

It is as Paul says, CPF blocks PC Flank in a way that the developers of PC Flank never envisaged. PC Flank does not know, and cannot know, it has been blocked. The PC Flank test judges itself successful if it succeeds is sending an open MSIE window a message without error. This is why the impossible happens & it also succeeds when you’re off-line (it doesn’t know what MSIE did or didn’t do with the message). After all, as PC Flanks says, it is only deemed successful if it manages to return the test string to its site. CPF alerts the user when MSIE attempts to send the message. Why? Because MSIE has been sent a message by PC Flank & could have been compromised/subverted. CPF is merely way above PC Flanks head. It’s not a deficiency of CPFs, leak plugging is one CPFs strengths.

kail,

Thank you for your answer. It is very much appreciated.

Are you saying that of the Firewalls that pass this test with a “drip-less faucet” never envisioned how this particular test is supposed to be passed?

Furthermore, can any CPF user expect to surf the Internet after “passing” this test with CPF’s definition of successfully passing this test?

On a final note, can you please explain what is meant when you said “CPF is merely way above PC Flanks head.”?

Must…resist…urge…to …answer…

comicfan2000,

So, I’m getting to the age where drip-less is important. I did imply in another post something to the effect that this issue will pop up again and again.

If COMODO deals with it; CPF’s handling of the test will never arise again. Non-issues are like that.

You know, you are as strange as Aowl only without the sense of humor. :wink: :smiley: But to the point, is it Comodo’s responsibility to deal with their leaky faucet? The test is very misleading and that’s not because of CPF, I didn’t like it anyway. I do see your point but I think PCflunk needs to be more precise . As well, I emailed them numerous times and have been completely ignored. They won’t answer about that test for the life of them which makes me question them even more. I say, get a plumber darn it!

Paul

munckman

Sorry for the delayed reply.

Are you saying that of the Firewalls that pass this test with a "drip-less faucet" never envisioned how this particular test is supposed to be passed?

Furthermore, can any CPF user expect to surf the Internet after “passing” this test with CPF’s definition of successfully passing this test?

On a final note, can you please explain what is meant when you said “CPF is merely way above PC Flanks head.”?

What I meant by this is that CPF blocks MSIE from sending PC Flanks message. PC Flank only envisages that it can be blocked when it attempts to pass the message to MSIE (which I assume like the other Firewalls you’ve tested), not that MSIE itself could be blocked from sending the message (which is what CPF does).

Bottom line: There is no problem with CPF in this regard, the fact the PC Flank does not detect it has been stopped by CPF is an issue for the Developers of PC Flank, not Comodo.

I’ll take that as a compliment. Did you just dis Aowl?

I do think it is Comodo’s responsibility also.

I believe I have also been ignored. I hope that CPF will address this and the other issues in the upcoming 3.0. I do not believe it is the “Plumbers” responsibility but I do think it is the “Firemens.”

To me Drip-less means that there are no drips. Either CPF gets no drips or it gets drips. Please no in-be-tweens. It has been alluded to that CPF will include a sandbox. Hopefully with this particular addition , this issue will not pop-up again.

I hope that I’m not misunderstood because we all want the best.

Kail, I must be thick as a brick, but … can any CPF user expect to surf the Internet after “passing” this test with CPF’s definition of successfully passing this test? Please respond with yes or no. Just so it is easy for me to understand.

First, yes i’m dissing Aowl. ;D It wouldn’t make my day if I didn’t. As far as being a compliment well, you would have to discuss that with him. Kidding, he’s good people. Seriously, I can’t agree with it being CPF’s responsibility for one main reason…

PCFlunk, can’t specify if a leaky faucet or text not showing is passing. If they don’t know, how can firewall makers know? It clearly states that if text not shown, this could mean your firewall has “SUCCESSFULLY BLOCKED” the attempt. Now, this to me means it the “passed”. If it said, well your firewall sucks and may have blocked it, but by our standards it still failed,…even that would be more precise I think. I hope you see where i’m coming from. It’s like saying, yes, your firewall blocked and passed but we are keeping a low tone since it wasn’t OUR way. I can make you a faucet in Gimp if it’ll at least ease your mind a bit :smiley: Yes another excuse for me to do some graphics work. Then I can tell the wife i’m busy doing such and such…after 15 years, gotta have good excuses. :wink: OR> :■■■■

It’s strange the way they work it but yes I also see what you mean as well. However, should Comodo change their whole firewall on account of PCflunk not being specific? Go to shields up and using CPF I had passed saying my desktop was “unusually secure” for windows desktop. I never got that until using CPF. Well, you can try it anyway, it’s free. But I do see your point once again and hopefully this will all be put behind us one day. If PCflank considers anyone “good enought” to reply to. >:(

Paul :■■■■