What information does the firewall send/store, how do you use it?

Hi there,

I am just asking what info the firewall stores and/or sends, how you use it and how I stop the info, if any, from being sent.

I just do not like data leaks.

Thank you.

Good questions! Apparently Comodo needs to download digitally signed certificates and contact certain IP addresses once in a while. There is no reason for it really. But they do sell SSL certificates, so who knows. Browse a couple of recent topics about similar problems.

Things like this are written in the terms of agreement, when you agreed on them.
Thats why you should read them.
Thats why you should make settings first, before using.


I am asking because I have had a recent experience in which an antivirus company has been rather shady about what they are doing, the agreement was changed, but only updated on the site.

Its a simple question with a simple answer.

I am well aware a connection cannot be made to a server without handing over an IP address, whether it is proxied or not so I know that data will be held.

I am not a lawyer and would prefer to not hire one to read through the weasel words and get to any hidden truths within the terms of use, I didn’t think it was a hard question to answer.

Personal information is collected from customers only after obtaining consent, which is obtained when customers are prompted for information when subscribing to the services, by using a Comodo website, downloading a product, or requesting further information.

So what is defined as “Personal information”?
If you want to create trust online, you might want to become more transparent than the vague agreements I found on the site.

I feel The Force is with Sweety >:-D

“Personal information is collected from customers only after obtaining consent, which is obtained when customers are prompted for information when subscribing to the services, by using a Comodo website, downloading a product, or requesting further information.”

Whenever you are prompted for information and inserting it (or giving consent to by enabling something like cloud etc), the related data will be saved/used for this service.
I would call this clear.
You have the choice.
Your data is not the income of comodo.

I think, in america where you have to explain to people that animals should not be dried in a microwave, to avoid paying millions for the mistake that you didnt wrote this explicit warning,
there you need to have such agreements to avoid simillar problems.
“I didnt know that my name was saved when i subscribed to a service. I didnt know that i send files when i take part in a cloud… They have to pay me millions now!!11!!!”

If someone wants to do shady things, he would just do it. Because shady things are not legatimized by being written in a terms of service. But there they would be readable/detected.

The terms are there to protect comodo. They are not there to exploit you.

Would you answer the question please?

“Related data” means nothing.

Why are companies so unhelpful when it comes to this. I know most do it, I just want to make an informed decision as to what products I choose to use and recommend to clients.

Hi SweetieBelle,

Firstly, I should point out that, although this forum is owned and provided by Comodo, it is pretty much run by volunteers who have no affiliation with Comodo beyond their voluntary participation here.

Bluntly asking other forum members for answers about Comodo’s data collection/retention policy is unlikely to get you an answer worth putting your money on (No offense to those who have already replied. ;)).

I’ll see if I can get someone from Comodo to comment in this topic.

Ewen :slight_smile:

Ahh, thank you for your help

Not a problem Belle. :wink:

I can’t personally guarantee that they will respond but, in all my dealing with them, I’ve always found them to be a “good” company (as opposed to an “evil” one) and very open and honest in their dealings.

Ewen :slight_smile:

My attempt wasnt to speak for comodo. I am the dude who blocks the program from connecting to the internet, by routine :smiley:
I tried to remove worries from the “wrong” spot, and to explain the appearance of “vague” terms.
Look, even IF someone is answering to this topic, you can not know what happens tomorrow.
Like the shop in the internet that tells you, we dont sell your details. Then, weeks later you read in a news that this shop got hacked. And you wonder why you need to have the luck to read in a news that your details are out in the wild.

Manage your details. If you dont know if its ok to send files into the internet, dont use clouds. Dont trust.
Look, and decide.

Much more important than “the data” is, how is it protected? Do i have a benefit from submitting anything? Is it necessary?

Block what you dont need. Thats my basic opinion :slight_smile:

If you are using facebook, you should cry yourself into sleep, when you are really worried about this :slight_smile:

I use a hardware firewall by rule of thumb, I was hoping comodo could be used to protect my data and prevent leaks while out and about (As I use a laptop on other networks).

Of course, policies may change tomorrow. I mean, aside from going online, there is little one can do. Do we trust Comodo to stop itself from “going online”?

I know the antivirus I used, sends ALL domains I access to a cloud, and this is extremely common. When I tried to get answers on their forums, I was abused and called an idiot for even requesting such information, I am glad this forum is actually helpful, kudos guys.

Comodo claims they want to create trust online, they can do this… if they come out and state they will not ever retain data, such as the things antivirus companies gather, then perhaps they can be the ones that are trusted to protect. I understand the way networking works, and I believe they would log the IP of all machines downloading updates. As much as this is identifying, it is not what I am worried about.

For all we know, the firewall is being used to establish a “web trust system” where comodo can display a trust rating for websites/domains, as other products do. I would just like them to come forth and tell us what data they gather, why, how it is used and what we can do to stop it, to “opt out”.

Sounds fair to me.

I am using an antivirus that would have such features (if i had not disabled them right in the installation process). Scanning everything, looking up links, scanning in real time the streams in your “wire”, sending to a cloud for looking, sending unknown files (is my pdf unknown to them???), valuate (everytime you are pressing a file on your desktop) into the net… and things like this.

I did not waste a second of my time to try to dig through words to know if they are good or bad. You will find fanboys who would praise, you would read the terms; if you would have worries, you are anyway on your own, like you described. So i act allready like being on my own.

I think:
Do i need these features?
Do i need someone to look on my fingers when pressing things on my computer?
And most especially, if an antivirus is signature based, what benefit do I! have by using a cloud? Clouds are fine ways to create luck for many by taking informations from unlucky people with an infection. Without unlucky users, a cloud does not make sense at given moments.

I can tell you after virus free decades, you dont need those features. When you introduce something to your computer, be cautious. Make sure its trusted source. Dont do stunts (without a real sandbox).
When you dont want to introduce something to your computer, something like comodo is blocking it. My sandbox is erasing it.

You only need new definitions. Apart from that, security can work without any connection.

Go ahead with your question, i am interested in such statements too :slight_smile:
But make your choices primary related to real needs. Not advertising. Think about it.

Random quote about a random cloud feature of a random antivirus:
“By participating in our cloud, you get early access to new detections and you get usefull evaluations about the programs you are about to use.”
This sounds like you are getting something. But if you translate it into cause and reaction, its obvious that you will be rather a part of delivering.

Something else to consider with CIS and the servers. If you have cloud scanning or lookup active, that would also be sending to the servers.
Just a thought

Yes, last but not least, never use something without making the settings :slight_smile:

Btw, the best ones are those who would allow you to update manually offline too, giving you a bag full of choices (you just have to make them). Like comodo and some others do.
When a company has millions of users, they would not risk that one of them (for sure) would detect one day that things are send, even though a block is present.

Most antivirus products let you download the update itself, many sysadmins use that and push it to remote pc’s to ensure up to date definitions.

I disable all cloud features, I do not need them. Thing is, I ask because I do not know whether to trust certain software or not. If I cannot get an answer, I will have to put another pc on this network and capture all packets, then analyse them for security holes, given the amount of work that will take, I would much rather ask admin if there is anything I should know about.

A “bad guy” would not give you the right answer! In both cases, good or bad, you will get the same answer :wink:

Feel free to investigate things. A lot of people are doing this here in this forum. As long as your arguments are backed up with facts, you will not meet problems.
Its not like in specific other forums:
“Your product is better than ~snipped~” :smiley:

A good forum makes a product becoming better. I get the impression that comodo is interested in having a better product.

Comodo firewall does not get used for such a purpose.

In my experience I have never noticed any such traffic. I monitor all my traffic for all applications via Wireshark and ColaSoft Capsa, and would have noticed fairly easy. The small amount of data sent to the server during a database update seems normal. Never use cloud scanning so cannot speak about that. I have noticed a few connection attempts that gave me pause. cmdagent.exe trying to connect to Akamai Technologies , Level Three Communications , and Road Runner Holdco in Hearndon, VA. Not sure what that’s about but always blocked.

All in all I think Comodo is trust worthy. At the same time it’s a company and the goal is to make money. I really don’t care what they know about me as far as personal information. Just as long as there is no technology tracking my movements online. That would be a massive invasion of privacy.