Comodo again

[Richard Steinfeld]

Hey; has anyone tried Comodo firewall lately?

They've fixed up their web site in response to suggestions from mostly us.

The story so far: a month or so ago, there was quite a lot of interest
in this product -- some of us were looking for an alternative to Sygate
Firewall, which had been abruptly gobbled and squelched by Symantec.

Comodo seemed to offer great promise, especially because it was one of
almost no products, paid or free, which could block the "Tooleaky" test.
But those of us who attempted to download the program and install it
were frustrated by intricate, arcane processes that didn't work, almost
total lack of any documentation, even the lack of posted system
requirements. And some severe translation problems that rendered the
friendly support answers incomprehensible. It is, however, very
encouraging to see that the company has indeed been responsive to our
suggestions for improving their web pages. So, it may be time to dip
toes in the water again.

I'm in chicken mode right now; I want someone else to go first while I
lurk in the background, picking and choosing. And, of course, passing
judgment and issuing grand pronouncements. I'm good at that.

Richard

 

[Ninou]

Le Sat, 28 Jan 2006 14:50:34 -0800, Richard Steinfeld

Hey; has anyone tried Comodo firewall lately?

They've fixed up their web site in response to suggestions from mostly us.

The story so far: a month or so ago, there was quite a lot of interest
in this product -- some of us were looking for an alternative to Sygate
Firewall, which had been abruptly gobbled and squelched by Symantec.

Comodo seemed to offer great promise, especially because it was one of
almost no products, paid or free, which could block the "Tooleaky" test.
But those of us who attempted to download the program and install it
were frustrated by intricate, arcane processes that didn't work, almost
total lack of any documentation, even the lack of posted system
requirements. And some severe translation problems that rendered the
friendly support answers incomprehensible. It is, however, very
encouraging to see that the company has indeed been responsive to our
suggestions for improving their web pages. So, it may be time to dip
toes in the water again.

I'm in chicken mode right now; I want someone else to go first while I
lurk in the background, picking and choosing. And, of course, passing
judgment and issuing grand pronouncements. I'm good at that.

Richard

What do you thing about Filseclab Personal Firewall
Professional Edition ?

http://www.filseclab.com/eng/download/downloads.htm

Thanks

 

[Allan Higdon]

What do you thing about Filseclab Personal Firewall
Professional Edition ?

http://www.filseclab.com/eng/download/downloads.htm

Thanks

My OS is XP Home SP2.
In the short time I tried it, I kept getting a BSOD. :-(
I went back to Sygate.




--
"Truth does not change according to our ability to stomach it."
~ Flannery O'Connor

"The moral rot of political correctness runs deep today in both national
parties."
~ Patrick J. Buchanan

 

[Kerodo]

What do you thing about Filseclab Personal Firewall
Professional Edition ?

http://www.filseclab.com/eng/download/downloads.htm

I thought Filseclab was a great little rule based firewall, but the one
problem I had with it was the cpu usage spikes. Cpu usage hovered
around 4-5% with spikes up to 10%. For me, this is too much. Every
other software firewall ran at 0-1% max. Aside from that though, it was
a nice firewall.

 

[garry]

Richard and all,

Don't be afraid to try the Comodo Firewall, and feedback comments, good
and bad.
We need to hear comments from both side,good and bad, to continue to
evolve
the product.

Please make sure any comments are sent to the support team and they
will send them to the developer.

Garry
Head of support and Customer Care

 

[toodeloo]

you still don't have a clue how to do good promotion for your software
products.
It must be very nice to be Head Customer Care, but I also would like to see
a link to your firewall product.
You should at least do a lot better promotion for your product(s).
Trying to find the firewallpage? with www.comodo.com didn't help me much.
No firewall information at all to find on that page.
You and Comodo are great in giving no real information.
I love that!!; prevent the users for your dangerous products.

Richard and all,

Don't be afraid to try the Comodo Firewall, and feedback comments, good
and bad.

what about a course "how to promote our products"?
You don't seem to have learned a lot from the previous Comodo thread.

We need to hear comments from both side,good and bad, to continue to
evolve
the product.

yep. The registration frustration still exists.
That means for me : I refuse to test your firewall.
It's a 30 day trial product and your company is a threat for the internet
community.

Please make sure any comments are sent to the support team and they
will send them to the developer.

Garry
Head of support and Customer Care

I found some real interesting info :

http://www.libellules.ch/dotclear/index.php?2006/01/02/727-comodo-personal-f
irewall

( part of the page )

Important News About Comodo Firewall - We Are No Longer Recommending It!

As most of you know, the free firewalls are suddenly not free any longer.
While it appears that Kerio will once again be offering a free version
someday (they were recently purchased by Sunbelt software) they do not offer
one as of this writing. Recently, in our quest to find a good free firewall,
we came across "Comodo" firewall. We tested it and found it to work well and
began to recommend it to our readers. We did our research on the program but
not on the company that makes it. We have since learned that the same
company that makes the Comodo Firewall, also makes an Internet Explorer
Toolbar called, paradoxically, "Trust Toolbar". It appears that the Trust
Toolbar is anything but trustworthy. In fact it's recognized by SpySweeper
and other good anti-spyware as questionable software product and a
browser/start page hijacker. While we never recommended the "Trust Toolbar"
we did recommend the Comodo Firewall, not realizing that the company that
makes both products was the same. Effective immediately we are not
recommending the Comodo Firewall.

 

[Craig]

I found some real interesting info :

http://www.libellules.ch/dotclear/index.php?2006/01/02/727-comodo-personal-f
irewall

Important News About Comodo Firewall - We Are No Longer Recommending
It!

<news item deleted>

Garry, until next time to dispromote your firewall.

Intriguing. Googling "Comodo Trust Toolbar" brings up hundreds of hits
mostly working back to sites such as CA, Spywareguide, CastelCops, et
al. General consensus (as of June 2003) was Comodo Trust Toolbar was a
minimal-to-moderate threat that would slow IE's performance over time.

CA's site classifies Comodo Trust Toolbar as a Hijacker *and* BHO. For
those interested in data security, the last point should be noted.

Comodo still offers the Trust Toolbar. Their press announcement can be
found: <http://www.comodogroup.com/news/press_releases/02_14_02.html>.

Notable quote:

Domain names and URLs are confusing and often meaningless to the
customer - they have a better chance of navigating to a website using
the everyday names they know! TrustToolbar provides users with a
faster, friendlier and common sense way of navigating to a website.

Fwiw, here's their "about Comodo" spiel:

About Comodo: Comodo provides next generation E-commerce Security
Solutions. E-business is the most exciting revolution of our age and
offers an unimaginably vast potential if - and only if - the
challenges of real security are successfully met. Comodo offers "one
stop" security for today's businesses and consumers; a comprehensive,
user friendly infrastructure designed and integrated with exciting
new products and services.

Toodeloo, thanks for the alert.

Garry, a question: Why would a client who is looking for a PC security
product (s/w firewall) choose such from Comodo: a developer/vendor that
also offers products identified as a security threat by companies such
as CA?

tia,
Craig

 

[Richard Steinfeld]

....

Intriguing. Googling "Comodo Trust Toolbar" brings up hundreds of hits
mostly working back to sites such as CA, Spywareguide, CastelCops, et
al. General consensus (as of June 2003) was Comodo Trust Toolbar was a
minimal-to-moderate threat that would slow IE's performance over time.

CA's site classifies Comodo Trust Toolbar as a Hijacker *and* BHO. For
those interested in data security, the last point should be noted.

....


Toodeloo, thanks for the alert.

Garry, a question: Why would a client who is looking for a PC security
product (s/w firewall) choose such from Comodo: a developer/vendor that
also offers products identified as a security threat by companies such
as CA?

Thanks everyone. I'm grateful for the replies.
I had been mulling over the company's business -- it seemed to me like
some sort of "pay us and we'll endorse you" operation of some sort. I
hadn't caught the spyware angle. I'd been really puzzled by the
company's disjointed web pages and strange public face.

The ethics issues you raise remind me of Providian Bank and Doubleclick.

I'm gonna be sick...

In the meantime, I'm still using Sygate, and I just installed it on two
computers I recently bought. I tend to save my downloads, so despite
it's being almost completely pulled from the internet, I just reached
into my goodie bag and installed the last version. It's still possible
to "register" it on-line, so once that's done, it's a free ride. And I'm
still pleased as ever with the performance of Sygate Personal Firewall.
The only limitation that I've come up with is that there's a 20-rule
limit on custom rules -- and I recently hit that limit. It can also be
maddening to work with logs sometimes because of the way that the
information defaults on the screen -- lots of tugging and dragging
borders. But we don't need to do that very much. I can still recommend
this product if you can get your hands on it.

Richard

PS: about Doubleclick:
I recently installed Windows XP SP1 and upgraded to SP2. I tracked all
the communications during the entire 3 hour update process with Sygate.

The Sygate logs showed that that Microsoft made my computer transmit out
to Doubleclick twice during the update process. One of the transmissions
was during activity associated with Instant Messenger. The other
(naturally) was around Windows Media Player -- I suspect some
hanky-panky involving Digital Rights Management.

Regarding Doubleclick: I believe that once a company establishes an
abusive business model, they're not going to change into an honest
operation later: the die is cast. It's like spraying the outhouse with
perfume.

 

[Comodo]

we built Trusttoolbar in 2001. Here is how it worked
1)Trusttoolbar had a huge database of Domains and info about who
actually Owned these domains
2)Trusttolbar was a BHO (Browser Helper Object) built for IE

What it was designed to do: Everytime you went to a domain/site it
checked with the servers that held the database, to see who owns the
site (legal entity/company name, address etc) and displayed this
information, including the country where this company is, on the
address bar to the user. This way users knew which entity they were
dealing with and where this entity was based.

Ok that sounds harmless, so why is it branded as spyware?

in 2001, we made a design decision to provide a "better 404 error page"
for a better user experience. Because we had the only database that had
a company name that had linked a company name to a domain name, we
could easily allow our users to enter a company name to take them to
the company's website (bit like reverse IP etc). So when you entered a
domain that your browser did not recognise, 404 error page it would
throw, would show our results, displaying all the possible company
names and domains they own, rather than simply showing 404 error page.
We thought, what a good idea, helping the user by trying to find what
they are looking for! BTW: We do not make money from neither running
the servers nor providing the trusttoolbar. we do not make money from
anything trusttoolbar! Anyway, the clever spyware companies started
marking Trusttoolbar as spyware. We were literally gobsmacked. We got
in touch with few of them, explained it to them, they removed
trusttoolbar from the list, but others sprouted and it was a such a
huge cost just to keep on top of these guys and explain and some of
them we couldn't even find a proper address to write to. We don't make
money from this, we ran the service for free! So we decided that it was
not worth keep chasing these companies who, without really analysing
what the product does, mark it as spyware. Thats when we decided to
stop Trusttoolbar. We are waiting for a development schedule so that we
can re-design it to remove the areas that spyware companies, wrongly
so, mark as spyware. We always informed our customer about how
Trusttolbar will work etc. Anyway, so we had lots of unhappy users, who
enjoyed trusttoolbar so need to say sorry to them.

So what is Comodo trying to do: Giving out all these freebies? Whats
behind it?

Comodo's vision is to establish "Identity and Trust Assurance" on the
Internet.
You go to a site, your identity could be stolen, you could be
victimised against IdTheft etc etc. There simply is no way of verifying
what you see. Comodo has dozens of patents on numerous security
products, and take part Standards Settings committes likes of TCG, to
CHES http://www.chesworkshop.org/. We Secure a good chunk of the
internet, by putting padlock on browsers. Our business model is based
on making money from businesses and enterprises. And we want as many
users as possible to use our products. A bit like Adobe, free reader
but they charge for the writer. The security products we provide to end
users are like our readers.. it allows us to introduce new and
innovative technology to end users and we capitalise on these by
selling these services to businesses. We will not charge end users for
security products like firewall, ivault, Vengine, Free email
certificate etc. (we have Anti Virus and Anti spyware in the short term
as well ) and all FREE.. yep Free! Cos we want as many people to
use our innovative products. So we created our products under Comodo
Launch Pad (like a Security Center). For us to get branding in the
market place, we have to do something, and we choose to give our
consumer products for free. Cos we believe we can build a brand and
introduce new technologies this way (its a fairly simplified view but
can't get into too much detail here)

So thats Comodo in a nutshell, more than happy to answer any questions.

thanks
Melih

 

[Richard Steinfeld]

we built Trusttoolbar in 2001. Here is how it worked
1)Trusttoolbar had a huge database of Domains and info about who
actually Owned these domains
2)Trusttolbar was a BHO (Browser Helper Object) built for IE


So thats Comodo in a nutshell, more than happy to answer any questions.

thanks
Melih

Thank you very much, Melih, for your articulate, well-written
explanation. After the earlier false starts and problems, we needed to
establish trust.

I, for one, like to know the lineage of a company and/or the motivation
for people who are introducing a product. Internet users have good
reasons to be a bit paranoid, as we all know. ("Just because you're
paranoid doesn't mean that you don't have enemies.") You've provided a
good beginning.

Richard

 

[Craig]

Melih from Comodo wrote:

in 2001, we made a design decision to provide a "better 404 error page"
for a better user experience....Anyway, the clever spyware companies started
marking Trusttoolbar as spyware. We were literally gobsmacked. We got
in touch with few of them, explained it to them, they removed
trusttoolbar from the list, but others sprouted and it was a such a
huge cost just to keep on top of these guys and explain and some of
them we couldn't even find a proper address to write to...Thats when we decided to
stop Trusttoolbar.

That would seem to be supported by the age (mid 2003) of most of the
"spyware" tags I'd seen posted. But BHO's are tricky things
security-wise...They have almost unfettered ability to transmit data.
F-Secure takes this a step further by stating that Trusttoolbar actively
"collects information about the user."

Are you saying they are incorrect?

I can understand a company w/o a lot of resources feeling "gobsmacked"
by the anti-spyware crusaders. But, you've been around for a while now
and so has Trusttoolbar. (It is /still/ offered for d/l by numerous
sites). This being the case and, assuming what you write is correct
Melih, I'd have to say that your company needs much a much more focused
messaging.

For example, I assume that you work for Comodo. Not hard but *who* are
you? Does the corporation accept you as a spokesperson? How about the
other guy who's posted here? Do either of you set policy? And I'm not
even going to start wrt to the plethora of domains Comodo operates...

Coherence. If you guys could get some mindshare from marketing (or
whoever does your web content for example). It'd help us sift through
innuendo and dated material.

Accessibility. If, each time anyone from Comodo posted, they had a
standard tag line showing urls for faq, forums, etc, we could (and a lot
would) check out what you're up to.

Couple of ideas, fwiw. I'm still interested in Comodo but, just as
important as the product is the company...especially when talking about
so-called "personal" firewalls.

best regards,
-Craig

 

[toodeloo]

Graig asked the question :

For example, I assume that you work for Comodo. Not hard but *who* are
you? Does the corporation accept you as a spokesperson? How about the
other guy who's posted here? Do either of you set policy? And I'm not
even going to start wrt to the plethora of domains Comodo operates...

Garry and Melih both used http://groups.google.com to post a comment.
That makes them spokespersons? Garry wrote that he is working for Customer
Care, but Melih ??????.
We are talking a lot about trust and security and what are you guys doing?
Complaining that you don't understand that people call your software
spyware. Trust us, trust us , TRUST US.
Sorry, it's the internet and no religion matter.

Accessibility. If, each time anyone from Comodo posted, they had a
standard tag line showing urls for faq, forums, etc, we could (and a lot
would) check out what you're up to.

Craig and a lot of others seems to understand that; only the people
answering for Comodo still don't.
Customer Care? You mostly answer: trust us and it is OK and NO info or good
answers are given.

Couple of ideas, fwiw. I'm still interested in Comodo but, just as
important as the product is the company...especially when talking about
so-called "personal" firewalls.

there is a lot of interest for a good personal firewall.
The Comodo firewall could become the leading free firewall if it is honest
and a spyware free firewall.
Just a good working firewall; no extraas like cookies blocking; only a good
working firewall.
No time limitations; not that your firewall stopped working after a year;
etc.
People love to update a great product to an even better product and if the
Comodo group updates there firewall people will download the newer version.
Are the download IP's ( and the other informaton you get when somebody
download something ) not enough for you?


Comodo wrote about the Comodo Trust Toolbar (CTT) :

What it was designed to do: Everytime you went to a domain/site it
checked with the servers that held the database, to see who owns the
site (legal entity/company name, address etc) and displayed this
information, including the country where this company is, on the
address bar to the user. This way users knew which entity they were
dealing with and where this entity was based.

so Comodo knows exactly what, when, where, etc. we are doing on the
internet.
And don't tell me you don't log those information.
Just like Google should give all there query information without any
complaint to the USA Comodo could do so ( or orderded to do so or maybe even
by default by an anti terrorist law ).

There is a serious risk that the " Comodo Trust Toolbar " mechanism is ( an
essential ) part of your firewall software.
A firewall should block access to "non trusted sites" or at least give a
warning?
The Comodo Trust Toolbar already does; isn't it?
A great tool for your firewall.


Comodo asked why there is so much to do about the Comodo Trust Toolbar

What it was designed to do: Everytime you went to a domain/site it
checked with the servers that held the database, to see who owns the
site (legal entity/company name, address etc) and displayed this
information, including the country where this company is, on the
address bar to the user. This way users knew which entity they were
dealing with and where this entity was based
Ok that sounds harmless, so why is it branded as spyware?

if you couldn't understand why your product is branded as spyware, you are
the right salesman for Comodo products.
But maybe you already give the answer : "that sounds harmless" ( but we know
it isn't !! )

Have a nice day.

 

[Comodo]

Craig

Sorry I should have introduced myself better. I am Melih Abdulhayoglu,
the CEO/President of Comodo. I am also the inventor of majority of
Comodo innovations and an techie (Electronics Engineer with extensive
background on device driver programming (good old days )

Yes I am saying that they are incorrect. The definition of spyware was
non-existent and majority of spyware companies don't analyse what the
product does. What is wrong with user's consent to give them a better
404 page? Nothing. Especially thats for no other reason that giving the
user a better experience, the company who provides this FREE service
makes no money in any way shape or form for this service!

As I said, its not we don't have the resources, its about putting
resources where the company makes money. The amount of resources this
spyware issue required was not worth our while, so we simply pulled the
plug. trusttoolbar dot com is no longer a site that promotes the
toolbar and we don't push this technology. I guess its fair to say that
it got shot down in the crossfire of this spyware war!

So we will at some time in future release a version but when our
developers have time to do that. Until then everyone is busy building
our Personal firewall, AV, Antispyware product, backup etc etc. Lots of
goodies that will be totally FREE.

Thanks for taking the time to respond Craig. Its important for us to
communicate with our users and we try to improve that communication all
the time.

Melih Abulhayoglu
CEO/President
Comodo

 

[Comodo]

Toodeloo

First of all thanks for taking the time to respond.

yes Gary and I are both spokespersons for Comodo. Trust is a difficult
and interesting animal and its earned! That is what we are aiming to do
by providing good, decent products that help the end users. We never
ask you to Trust us cos we are who we are.. Let us build our trust with
you through our interactions through the products we provide to you for
free. Thats all we ask!

Some very interesting and useful comments about our Comodo Personal
firewall, first of all thank you for that...
We have a version 2 coming in our firewall. We have created a whitelist
of mostly popular files so that we firewall could be more informative
about the applications its blocking/allowing. We had a lot of requests
from people saying: hey abc.exe is trying to connect to internet and
but i don't know whether i should allow or not. So we decided to build
a team of people who are analysing and putting together a whitelist of
popular executables (not just .exe's if you know what i mean) so that
less experienced users will feel comfortable using it. Also we have
added some protection against dll injections etc (wait for the details
) and we have some better GUI designs (we think so anyway).
Our licensing scheme that we have used works with Digital Certificates.
That is our background, we are a Certification authority, so all our
product licenses were built with digital certificates and usually
certificates are issued annually. So thats one reason why we have
annual license renewals. But more importantly we need that feedback
about who is still using the product or not. Let me explain this
further: Unless we know the product is good and people are keeping it,
we will be blind about its success. Lots of people could be downloading
it, installing and then uninstalling it. So a download figure does not
tell us anything about the quality of the product, as far as the user's
concerned, what is a good indicator is whether people are keeping it or
not. So by asking them renew their license after one year (again its
free), we will be able to figure out the percantage of users who keep
it etc and this will then allow us improve our product etc etc. This is
the only hard figure that will mean anything. yes there could be other
ways of doing it with checking IP addresses, storing them during update
etc etc, but we don't do that at the moment and the annual licensing
(which is free) is the only method we have today that we can rely on.

We do NOT log that information! NO! NO! NO!. As a Certification
Authority, we get vetted annually by KPMG to get our "Webtrust Seal"
https://cert.webtrust.org/ViewSeal?id=212 what this means is: they
come and check to see what we say in our "CPS" (Certificate Practice
Statement") is what we do. our CPS is public and anyone can check it.
its like you say this but are you doing what you say and if we do they
say ok u can have the seal. We have been Webtrust compliant for quite
few years now.. So NO we don't log your searching habit, where you surf
etc etc.. it has NO Interest to us. We make money selling Certificates
to Online Merchants and Enterprises.

Trusttoolbar is a stand alone product and has nothing to do with
personal firewall. I agree it would be good to have a feature to alert
the user about the suspicious sites. Time has moved on and we have
innovated much slicker technologies that can verify what you see.
Blacklisting works to a level and should be implemented of course, but
its time we started using whitelisting. afterall the real world with
mainly whitelisting eg: you show your passport (whitelisting) and go
thru immigration, your drivers license is about whitelisting you for
driving etc, so our Verification Engine (vengine.com) is a nice tool
(again for free for end users) that allows you to verify what you see
and there are over 70,000 financial institutions websites that you can
use to verify their authenticity. Again we make money by selling
certificates to those companies so that our tool will validate their
sites.


appreciate the feedback.

regards
Melih Abdulhayoglu
CEO/President
Comodo

 

[Comodo]

Dear Richard

Indeed Internet has shown us once more, how vulnerable we the human
race are against the technology which we befriend.

As Comodo our aim is to introduce and build the best security/trust
products for the market and make it available for free for end users
(like personal firewall, Ivault, free email certificates, free
vulnerability scanning, (and to come.... Comodo Anti Virus, Comodo Anti
spyware etc). We simply have no interest in charging the end user for
these products, not today, not tomorrow nor the next years. Our
business model depends on getting the End User trust to use our
products so that when we introduce a new technology they will be happy
to give it a go and hopefully they will adopt. And the technologies we
introduce are all (well almost all) about making money selling services
to enterprises. Just like Adobe model (free reader but charge for the
writer).

Its an innovative and ambitious initiative. This takes likes of
Symantec, CA head on! Those people make money by selling those products
to end users! But we are no strangers to fighting and taming the
gorillas of the industry ;-).

So we better build a bloody good product because otherwise our business
model will fail! We need to get End users to trust and love our
products, thats our strategy! Because if we do, then we can sell more
of our services to Enterprises.

So we greatly appreciate feedback to make our products better. We are
spending multi-million dollars in building/maintaining/improving these
products and all these benefits come to end users for free.

Thank you for your response Richard, truly appreciated.

Melih Abdulhayoglu
CEO/President
Comodo

 

[John Fitzsimons]

we have
annual license renewals. But more importantly we need that feedback
about who is still using the product or not. Let me explain this
further: Unless we know the product is good and people are keeping it,
we will be blind about its success. Lots of people could be downloading
it, installing and then uninstalling it. So a download figure does not
tell us anything about the quality of the product, as far as the user's
concerned, what is a good indicator is whether people are keeping it or
not. So by asking them renew their license after one year (again its
free), we will be able to figure out the percantage of users who keep
it etc and this will then allow us improve our product etc etc.

< snip >

There are other ways of telling whether a product is any good or not.
Two common ways are to create a beta team and get feedback from them
and read comments about your product in the newsgroup(s) it is talked
about in.

IF you had a beta team and the members made recommendations that you
acted on then that would give you a much better product and a great
deal of good publicity. As the members would recommend "their" program
to friends/clients.

Some of us don't care for regularly updating licences. Even if only
once a year. So we will not even bother to try out your product(s).
Not good for you if you are trying to create/enhance your brand
name.

Lastly, some of us here have had experience of "free" renewals from
other vendors that we were not impressed with. This is something like
they worked ;

Free registration for six months.
Free re-registration for six months.
Free re-registration for six months.
Ooops ! We have decided to go "commercial". Our product will cease
working unless you send us $xx.xx

Some people may think you will follow the same path. Using people as
beta testers without even informing them of it and/or asking them
whether that's what they want to be.

Regards, John.

 

[Comodo]

John

You raise very valid issues.

Today the annual licensing is the way it works, and as you said its not
the only way. We have beta groups that give us feedback etc but thats
just a good initial indicator but not a real indicator of whats out
there, we all have seen polls that turn out to be wrong . However, I
understand your concerns about

1)not wanting to renew licenses (even if yearly)
2)issue of companies changing their mind and charging for it, having
given the product for free.

I will take both on board and see what/how we can resolve it. you must
appreciate this is not going to be easy task, changing our licensing
scheme as all of our products use the same method and we do have many
products.

So do you like Comodo Personal Firewall? would you use it?

Please keep the feedback coming, greatly appreciate it.

 

[David]

< snip >

Below is a repost of my experiences with the Comodo Firewall from late
in 2005.

I read the OP and decided to investigate. I went to the site and read
the various pages. No information was given about supported OSs. I
filled in a throwaway e-mail address and download the file.

I checked my e-mail and found one mail from Comodo. It was SPAM and
had nothing to do with the firewall. A few minutes later I received
another two mails. One was an order confirmation, I can live with
that, the other contained the activation code.

I started the setup program after commencing my installation tracking
program. The installation aborted suggesting that my OS, Win98, was
not supported and that I should get in touch with Comodo for the
correct program. It stated that files had been removed and implied
that the aborted installation hade been cleaned up. I finished my
installation tracking and found that many entries had been made to the
registry and several files had been installed and not removed.

In light of these factors I cannot recommend Comodo Personal Firewall
or the ethics and trading practices of the company. I will not be
buying any of their products and recommend that all here do likewise.
--
David
Remove "farook" to reply
At the bottom of the application where it says
"sign here". I put "Sagittarius"
E-mail: justdas at iinet dot net dot au

 

[toodeloo]

Melih,

You didn't noticed it, but we are writing in the wrong group ( Richard, you
shouldn't started here, you must know better ;-)) .
This newsgroup has big problems with discussing non-freeware programs in
this newsgroup; so it's nice to finish this tread.
This newsgroup is for freeware programs. Freeware means here : 100%
freeware, no registrations, no nothing, not even postcardware. The Comodo
firewall is by that definition no freeware.
Melih, if your company uses the word freeware for this firewall it is not
correct. The die-hards in this group don't accept your firewall as a
freeware product.

yes Gary and I are both spokespersons for Comodo. Trust is a difficult
and interesting animal and its earned! That is what we are aiming to do
by providing good, decent products that help the end users. We never
ask you to Trust us cos we are who we are.. Let us build our trust with
you through our interactions through the products we provide to you for
free. Thats all we ask!

it's a free to use product, but no freeware.
I don't trust the product; I don't like the interactions. But that's just
me.
One person.

We have a version 2 coming in our firewall. We have created a whitelist
of mostly popular files so that we firewall could be more informative
about the applications its blocking/allowing. We had a lot of requests
from people saying: hey abc.exe is trying to connect to internet and
but i don't know whether i should allow or not. So we decided to build
a team of people who are analysing and putting together a whitelist of
popular executables (not just .exe's if you know what i mean) so that
less experienced users will feel comfortable using it.

If I remember it well it was ZoneAlarm version 3 ( or 4 ) which already
tried such a thing.
I would be amazed if one of the firewall users who didn't know if an
application is a correct application or not could be any help for you for
testing as a beta tester. Updating by default the "application blocking
signs" file could give an indication of how much people are using your
firewall. You could use statistics to get an idea of the real numbers.
But you need beta testers to find weak points or troubles in your firewall.

Also we have
added some protection against dll injections etc (wait for the details
) and we have some better GUI designs (we think so anyway).

still waiting for the details ;-).
Your software need neural net software to train the ongoing dll changes and
make it possible to live with the .dll hell.
Oh dear, I got crazy with all those changing dll's and an asking firewall.
Catching a wrong dll? Have fun.

Good GUI's for everybody are very difficult to make and if you look for
example to music software they use skins.
I never saw a firewall with skins, but they could have for example an expert
mode which make live sometimes more easy.
You are saying your GUI fits all; if I have problems with some colours could
I change the background colours to get more contrast? This is only one GUI
question.
Is there something like intrusion detection build in? Or in a payed version?
I have in mind Zonealarm<-> ZoneAlarm Pro or
Sygate<-> Sygate Pro. There is nothing wrong having some gems in a payed
version.
But you only have a freeware version isn't it?

But more importantly we need that feedback
about who is still using the product or not. Let me explain this
further: Unless we know the product is good and people are keeping it,
we will be blind about its success. Lots of people could be downloading
it, installing and then uninstalling it. So a download figure does not
tell us anything about the quality of the product, as far as the user's
concerned, what is a good indicator is whether people are keeping it or
not.

I think it does. If your firewall got a positive review people will start
downloading your firewall more and more.
Keep in mind that a good product sells itself. People are now switching from
Sygate to ZA and not to Comodo.
Also a product with problems and a bad history, but for some reason users
don't remember the internet history very well.

So by asking them renew their license after one year (again its
free), we will be able to figure out the percantage of users who keep
it etc and this will then allow us improve our product etc etc.

how to promote your product! We only improve our product if ...... ( oh
dear ).
Why do you need beta-testers if your product is already perfect?

This is
the only hard figure that will mean anything. yes there could be other
ways of doing it with checking IP addresses, storing them during update
etc etc, but we don't do that at the moment and the annual licensing
(which is free) is the only method we have today that we can rely on.

I understand

So NO we don't log your searching habit, where you surf
etc etc.. it has NO Interest to us. We make money selling Certificates
to Online Merchants and Enterprises.

maybe not of interest for you, but a lot of other people/organisations have.
Keep in mind that today every program that "calls back" for whatever reason
in considered as spyware.
Maybe you don't log it, but one of the router-computers could do so. There
is a law that forces providers to give a lot of information to security
services ( also worldwide ). Maybe we can trust your organisation, but
that's it.

Blacklisting works to a level and should be implemented of course, but
its time we started using whitelisting. afterall the real world with
mainly whitelisting

like Microsoft? Only if the program is allowed to run on your computer the
program runs on your computer.
The OS should first ask a knowledge database if your program is allowed to
run on your computer.
The OS should first contact a site to see if your software is legal and
otherwise, indeed, your computers isn't allowed to startup. If your OS
registration number is on a blacklist, oh dear.
If that database was hacked no-one could work.
Using black- or whitelisting in a program? Not for me. It's already more
often said : people need a drivers license if they would ride a car and
people should have internet knowledge if they surf on the internet.
Every idiot could ( and do ) surf the internet. I stopped helping some
people for free if there computer has again shit on it.
You couldn't protect people who deactived there firewall/AV-software if a
site asked to do so. They do it.
Or the baby-sitter who downloaded something and deactivated everything so
he/she could download that mp3 or ....
I think people need to learn security the hard way. That means : formatting
the drive with all there information on it and start from scratch. That also
means : buy an OS because most pre-installed PC's don't give the CD's with
the installed software.
But after a month the daily updating isn't anymore on a daily bases.
A white-listed database should have ALL the programs allowed; that's a lot.
Every!! version! from whatever software.
Sorry, but that doesn't work. You prefer a "popular" database, but I think
that's already one bridge too far.
Just like AV companies you get problems with false positives ( or in your
case negatives ).
I have a lot of old software ( < 1995 ) which is more and more flagged by
AV-software. All false positives.
I started complaing by the AV company and finally one program (
WallWatcher ) could now run without problems, but there are to much programs
with problems and my old flagged programs? So be it; I disable my AV
software.
I also have modern software with more and more false positives. I don't like
it when my programs are removed or blocked by default when I know they are
okee. When I want to run a specific program I have to deactivate my AV
software ( prevent it so it couldn't start up ). And the Comodo firewall
could have such a construction? Oh dear.

eg: you show your passport (whitelisting) and go
thru immigration, your drivers license is about whitelisting you for
driving etc

yeh, how simple live could be. There are a very limited number of passports
and an almost unlimited number of software programs. Your license database
is always behind. A newer software version or internet page/site should be
blocked if the information is not updated. Your license database ( give it a
name ) IP would be every day DDOS'ed or worse.
The best way to remove a firewall and company from excistence.


what do you know about usenet?
In a lot of newsgroups people ask which firewall they should use.
If the Comodo firewall is shot down every time it's not the promotion for
your firewall you like ( I think ).
You know the GRC newsgroups? There you have all the knowledge and testers
you like.
The Comodo firewall is already shot down in one of the GRC newsgroups and
removed by people who were testing the Comodo firewall possibilities.
However, if your firewall didn't got that bad reputation, your company
already had a lot more users ( most likely including me ).

Melih Abdulhayoglu
CEO/President
Comodo

but a nice tagline is still missing.
Okee, we can use Google to find Comodo firewall info.
Try it and what do you see? Indeed, a lot of negative information.
Again, we already wrote it, give us more info so we don't have to use Google
so we can only see positive information from your links.
But you prefer the negative findings? In that case you lose a lot of
potential users.

 

[Comodo]

Toodeloo

I would like to clarify some of the assumption you are making here.

1) You say: "You didn't noticed it, but we are writing in the wrong
group ( Richard, you
shouldn't started here, you must know better ;-)) . "
I did not start anything! I am merely responding to comments and
question about my company.

2)You say: "Freeware means here : 100%
freeware, no registrations, no nothing, not even postcardware. The
Comodo
firewall is by that definition no freeware. " Please elaborate as to
where you get this definition from? Freeware means free, could not find
information about freeware not needing registration but I could be
wrong hence ask for your source of information. But the point is:
Comodo is building a product that challanges any paid for product. Its
a full blown application, not a cut down version given out as a teaser.

3) You say: "Good GUI's for everybody are very difficult to make and if
you look for
example to music software they use skins." Skins to my knowledge don't
change the functionality of the GUI materially. I am talking about
making it more user friendly. I am talking about "usability
engineering". I don't believe skins offer that.

4)You say: "Your software need neural net software to train the ongoing
dll changes and
make it possible to live with the .dll hell.
Oh dear, I got crazy with all those changing dll's and an asking
firewall.
Catching a wrong dll? Have fun."

We are having great fun building it! For any problem there is always
more than one solution!

5)You say:Is there something like intrusion detection build in? Or in a
payed version?
I have in mind Zonealarm<-> ZoneAlarm Pro or
Sygate<-> Sygate Pro. There is nothing wrong having some gems in a
payed
version.
But you only have a freeware version isn't it?
As I indicated above, the way you refer to Freeware is as if its a cut
down version of something. Our products are full blown products that
will do much better than any paid for ones. As I tried to explain in my
previous postings, we will provide full blown applications with full
features and yes we will put intrusion detection and many other
security features into this version that we provide for free. We will
NOT have a version that we charge for. It will be free, and it will be
full version.

6)You say: " think it does. If your firewall got a positive review
people will start
downloading your firewall more and more.
Keep in mind that a good product sells itself"

As I indicated in my previous postings, download is one indicator, you
also need an indicator for the "stickiness" of the product. There could
be a hype and everyone downloads it but noone keeps it. you need both
indicators in my opinion

7)you say: how to promote your product! We only improve our product if
....... ( oh
dear ).
Why do you need beta-testers if your product is already perfect?

I don't recall calling our product perfect! Do you? I recall asking
everyone to help make this product the best product in the market and
everyone will benefit from it cos its free.

8)You say:When I want to run a specific program I have to deactivate my
AV
software ( prevent it so it couldn't start up ). And the Comodo
firewall
could have such a construction? Oh dear

There is nothing stopping you from running in the "Advanced mode" and
do whatever you like without any interruption. But please do understand
the majority of users are not security experts not do they want to be.
They want a solution that works, without them having to learn how
things work. they simply want to enable and forget! It is that solution
we are trying to bring to market. Of course this solution will also
have an "advanced" capability for the more advanced users.

9)You say:what do you know about usenet?
In a lot of newsgroups people ask which firewall they should use.
If the Comodo firewall is shot down every time it's not the promotion
for
your firewall you like ( I think ).

First of all, lets get this straight here! We are NOT using NGs to
promote our products! We are merely responding to queries and asking
interested parties to help it make better when we respond. and I see
lots of positive postings..and here is a good example where people have
put our firewall thru some good tests and posted the results.
http://forum.avast.com/index.php?topic=17020.0 . And what matters
for us is, factual feedback thats all we ask so that we can make our
products better for everyone!

Toodeloo, thanks for taking the time to put your thoughts and we do
take them on board. We will continue to make our products better and
easier to use.

thanks
Melih
CEO/President
Comodo