Why your support for Comodo is important to keep all users secure!

Learn about Computer Security Leak Testing/Attacks/Vulnerability Research
1

Here is a good example of why Comodo is different and why its important for you to continue supporting Comodo’s efforts in making end users secure, whether using Comodo or other vendor’s products!

Reality is, even competitors are benefiting from Comodo’s Research and Development and all the hard work our developers and volunteers do! So please continue your support.

Let me try to explain what I mean.

Comodo spends big $$ in Research into vulnerabilities and new techniques for protection and support this with further development $$ by building new products. Comodo shares its findings with the world rather than keep it to itself in an attempt to improve the baseline security available to everyone whether using Comodo or other vendors products. Comodo also has initiated and sponsored other initatives that has benefited end users using Comodo or other vendors’ products.

The point is: Comodo is one of the (if not the) driving force behind end user security, PERIOD!

Let me give you a real life example:

A small firewall company called Tallemu that makes XP only firewall that provides a cut down version of their software for free and charge for the full version.

I will show you how Comodo’s money and Comodo Volunteers time has helped this company improve its product hence benefited their users. This is a great example of how Comodo is driving and helping create more secure internet for end users whether Comodo or other vendors products!

  1. We launched An ICMP attack vulnerability and Tallemu has learned this new technique and improved their security with subsequent releases

2)We launched an initiative called www.testmypcsecurity.com and with the help of volunteers we tested and found security flaws in security products (including ours (:NRD) ) and our volunteers have found 2 very important security flaws with Tallemu product

   a) It was found that the Tallemu product was auto-allowing alerts if they were unattended.
   b) due to lack of flood protection, Tallemu firewall could be crashed by a simple flooding attack

I believe (pls correct me if I am wrong) (a) has been fixed but not sure about (b) however I am sure they will fix it soon as this is a very basic protection that any firewall should have.

3)We yesterday released a new vulnerabilities we found about how rootkits can bypass security products with these 5 tests. And once again you see below how Tallemu has benefited from Comodo by listening to Comodo vulnerabilities found and fixing them (i have attached a screenshot so that you can see how effective Comodo’s vulnerability research is and how well everyone respects our findings and act so quickly on it)

You see, only within last few months there has been more than 5 areas/incidents where Comodo has helped this particular vendor improve their security thanks to Comodo Vulnerability research and testmypcsecurity.com initiative. These kind of research requires extensive skill and expertise in the field of security and Comodo researchers are one of the best if not the best when it comes to end user security. Therefore, it is important for ALL END USERS that Comodo’s initiatives for securing the end users are supported!

I would invite everyone to contribute by joining testmypcsecurity.com and continue your support for Comodo! What we do benefits everyone!

Thank you all

Melih

[attachment deleted by admin]

2

100% Agree Melih! Great post BTW…

Comodo will always lead Security Software & Development!!! Even OA…

Josh

3

Even though Melih has given a good example, i would like to extend this list by pointing out how Outpost, Kaspersky, Jetico etc benefitied from our research by building protection against SetWinEventHook based DLL injection(CPILSuite 3).

Egemen

4

Ha! Look at this guy!
The six-shooters weren’t enough, now he is throwing down the gauntlet!
What an arrogant and cocky guy. :slight_smile:

P.S.: AFAIK high levels of arrogance and cockiness are hallmarks of all great CEOs.
(:WIN)

5

Gauntlet throwing: Isn’t about time somebody did? Most other security outfits just seem to see us users as cash cows most of the time. Good on him & Tall EMU. If it weren’t for them we’d all be poorer (both literally & figuratively).

6

Melih, people outside these forums do not thing D+ is the best, from testing it. Others don’t even believe in “HIPS”. They advise LUA, SRP.
Other OS’s! OpenBSD, Debian, Arch Linux, etc. Whole communities dedicated to free software (GPL), and dedicated to it’s security as well.

The World is big. No, not big, huge!

Cheers

7

that’s a fact, if comodo testing team didnt send them infos about failures we found when we started testing OA 95, they would be in a deep mess. OA 112 wasnt better, they fixed things in build 119. then i joined their beta team till build 128. build 127 fixed things with the help again of comodo testing group and I.
after i showed them how to crash OA by flooding it then i stopped collaboration.
the last comodo leak tests showed them fatal issues with rootkits and DLL injection so it seems they fixed it in build 131 (i can’t tell if it’s true cause i didnt test it) so comodo team helped them improve their product, what means comodo is not here to kill competitors but to protect OA users from a lot of issues.
so our objective is clearly to help FW users and protect them even if they don’t use comodo, the important is to show issues users can meet by using FWs that are not as great as the rumor says.
if people prefere using OA, it’s not our problem, we’re not here to kill competitors but to protect users that choose products with some big failures, so those users get only benefits with the work we do by testing products and show issues and it permits competitors to fix their FW so users can still use the product they prefere except new releases improve their security. don’t care if they use OA or comodo, what is important is to continue testing FWs for users security.
and our work on OA testing was a real benefit for their customers, people maybe forgot that what we care about is not to force them using comodo but to use a product that really protects them.
we prooved enough that our work deserves all customers, in other case why would we inform competitors about security issues they have in their FW solution?
the result is new releases that fix issues comodo found that improves the security of their customers.
so who can tell that we work for comodo supremacy? we work for users security, that’s all.
get it?

8

So all I did in comodo D+ and the FW is turn some exta stuff on. And in the AV i turned it up to “on access” and told the AV to block threats instead of quarentine them. I have it on proactive security and i told D+ and the firewall to just block requests instead of bothering me with them i have port 135 on TCP and UDP blocked In/Out and destination port and source port…and i told D+ to NOT auto detect installers