hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
1 edit |  Comodo continues to issue certificates to known Malware
I was following up on a list of malware sites posted on Dancho Danchev's Blog and yet again I find Comodo issuing certificates to these Malware writers. The reason I say again is I was given a "secret" email address at Comodo a while back to report these culprits ... however I was asked to keep it quiet.
Forum: COU
More Info: MSMVPS Blogs
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security 2007-09
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget |
|
sded
Premium
join:2002-11-04
San Diego, CA | Followup to »REMOVE Comodo Certificates from FireFox, Opera!!! ? I have Opera set up to warn me if any site tries to use a Comodo sponsored certificate. |
|
mers2
Premium,MVM
join:2004-03-20
USA
clubs: | reply to hayc59
Absolutely incredible. Just reinforces my decision to not install ANY Comodo product nor will I recommend them to anyone else. |
|
danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
clubs: | reply to hayc59
Do you know if Comodo is the only one doing this or if it is a common practice among other vendors?
Just curious.
--
VoicePulse 07/29/04 |
|
ColdinCbus
Premium
join:2002-12-28
Columbus, OH
clubs:
| Other SSL Cert providers are doing the same thing. The issue is that Comodo also has a security product software line where the other cert providers don't.
--
Team Discovery Project Hope |
|
Jrb2
Premium
join:2001-08-31
| reply to hayc59
Thread at the Wilders board:
»www.wilderssecurity.com/showthre···t=242453
May I quote reply # 34 (from Wolfe) with which I fully agree:
quote:
It al boils down to this (emphasis is mine):
quote:
Today, the biggest issuers of DV certs are Verisign and Godaddy. They have continued issuing DV certs which caused likes of Comodo to offer it as well. If we didn't we would lose customer and the world would have no chance of fight back.
the bolded part from the quote above could well be translated as:
"My competitors in the auto sales branche do provide waranties for cars with failing brakes. Therefore, I must do one and the same, otherwise it would cost me money".
In my book that's by no means a justification; on the contrary. Knowing there's something totally wrong, stating in public one and the same - and persisting in doing the wrong thing can't be justified in any way. Symantics are of no importance here.
Comodo should keep the interest from the public in mind instead of focussing on loosing money/clients themselves. They willingly pick the wrong side.
Wether or not part of the competition is doing one and the same is of no importance; it's Comodo who solely is responsible for their actions. The same goes for the technical relevancy from certificates in question; that is not the real issue at hand here.
|
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
1 edit | reply to hayc59
Jan sorry to say that thread @ wilders has been shut down
Follow up..more has come to light on this
controversy and looking very strange
»www.calendarofupdates.com/update···try80612 |
|
TonyKlein
join:2001-07-02
Netherlands | reply to hayc59
Mike has responded in his blog:
»msmvps.com/blogs/hostsnews/archi···604.aspx |
|
Jrb2
Premium
join:2001-08-31
| reply to hayc59
said by hayc59  :Jan sorry to say that thread @ wilders has been shut down I know, Gordon. |
|
coldmoon
Premium
join:2002-02-04
Broadway, NC
 ·Windstream
| reply to ColdinCbus
said by ColdinCbus :Other SSL Cert providers are doing the same thing. The issue is that Comodo also has a security product software line where the other cert providers don't. This complicates things I am sure, but does not always mean that the commercial services "division" is set up to support or coordinate with the PC security side of things. While on a personal note I would suggest strongly that this should be tighter, there is no obligation on the part of a company to follow a specific business or operational model.
The litmus test here is what the competition will do and whether taking an opposing approach to the current models will result in:
1. Greater market share
2. A realignment of the certificate industry that focuses on real security
What is important now is that this is being debated and exposed to a wider audience. At the very least it should give competitors something to think about...
JMHO
Mike
--
Returnil - 21st Century body armor for your PC |
|
ColdinCbus
Premium
join:2002-12-28
Columbus, OH
clubs:
1 edit | I totally agree with you. What I would like to see is that Comodo, at least, run the process through a database of rouge domains and IP addresses (I am pretty sure they are plugged into the same matrix we are if not even deeper in so they should have access to a pretty healthy list). That should flag some of the certificates for manual review. IT would be a step in the right direction for "Creating Trust Online".
--
Team Discovery Project Hope |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P. | reply to hayc59
I think that trust has been tarnished
alot and will take time to get it back |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada | reply to hayc59
Trust was out the window a long time ago with Comodo IMO.A good example is what they are doing to BoClean. |
|
dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA | reply to hayc59
Never liked COMODO...
This just reinforces my dislike. |
|
sivran
Long Live The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
 ·RoadRunner Cable
| reply to hayc59
Hmmm. I'm beginning to eye my Comodo Firewall with suspicion. While it may be perfectly fine, I don't really trust the company, or their certs.
Perhaps time to look at the last firewall poll and see if I can find one I like! (Comodo's Training Mode is super convenient, for sure)
--
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon profitable cause... |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31
·Verizon Online DSL
| quote:
Hmmm. I'm beginning to eye my Comodo Firewall with suspicion. While it may be perfectly fine, I don't really trust the company, or their certs.
I will still use Comodo Firewall until it is proven that there is something amiss w/ it.
I can think of numerous companies where one part or division screws up well the rest of the companies cranks out excellent products.
--
“Facts not FUD." |
|
TheAnalyzer
join:2006-01-20
1 edit | reply to hayc59
I think that Comodo firewall *may* be an excellent firewall product.
So 'technically' it might be very good.
But in *my* opinion there is also something else apart form the 'technical coding' of the product:
- Trusting the vendor of the product.
I had CFP 2.4 installed for a very long time. It served me very well. I have nothing bad to say about it.
But because of what I hear now about comodo, I do not trust them so much anymore.
Again that does not mean that they make bad products.
regards,
TA 
--
quod erat demonstrandum |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
| reply to hayc59
I too will keep using Comodo Firewall, despite the erosion of trust in the company. I did however dump their AV in favor of Avira Anti-Vir Free a few weeks ago.
I am looking at alternatives, but am not sure what other free firewall software offers similar features such as the ability to block IP addresses or entire ranges, HIPS, and so on.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
|
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
| reply to Grail Knight
said by Grail Knight : quote:
Hmmm. I'm beginning to eye my Comodo Firewall with suspicion. While it may be perfectly fine, I don't really trust the company, or their certs.
I will still use Comodo Firewall until it is proven that there is something amiss w/ it. I can think of numerous companies where one part or division screws up well the rest of the companies cranks out excellent products. Grail..I do not know what else you need to see that is happening right before your very eyes!!
»www.calendarofupdates.com/update···try80635 |
|
ashrc4
join:2009-02-06
australia
| reply to hayc59
If you can't trust comodo then how can you trust their firewall. They have numerous instances where they have covered up failures or tryed to change results. If something was up with the firewall would they tell anyone?
--
It's one thing to be sure of yourself. It's another to confuse people. If they weren't related to each other we wouldn't have a problem;~) |
|
