hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
1 edit |  Comodo Continues to Damage It's Reputation
»msmvps.com/blogs/hostsnews/archi···205.aspx
this is a follow up on certificate issue that seems to be an
on going item!! |
|
siljaline
mind that delimiter
Premium
join:2002-10-12
Montreal, QC |  Thanks for this, hayc59   |
|
VikingBob
join:2004-06-05
Ste Anne, MB | reply to hayc59
Comodo really needs to smarten up...  |
|
shearer
Northern Lights
Premium
join:2002-06-18
Toronto, ON
clubs: | reply to hayc59
Disabled Comodo certs on IE and Firefox. thanks for heads up |
|
SUMware
Premium
join:2002-05-21
| reply to hayc59
Another thank you!
said by VikingBob :Comodo really needs to smarten up... It's called 'producing profits' instead of 'providing protection'. |
|
siljaline
mind that delimiter
Premium
join:2002-10-12
Montreal, QC | Perhaps "layered" malware SUMware |
|
onDvine
Premium
join:2005-01-29
So. CA, USA
clubs:
 ·Verizon Online DSL
| reply to shearer
I'm still using Comodo version 2.4.18.184. Should I disable anything in Firefox? If so, where do I find the certs you referred to?
Don't use IE, but access one PhotoBucket account using Avant Browser (which is IE-based) to keep its cookies separate from another PhotoBucket account.
--
Be content with your lot; one cannot be first in everything. ▪Aesop |
|
SUMware
Premium
join:2002-05-21
2 edits | reply to siljaline
said by siljaline :"layered" malware  layered security insecurity |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
1 edit | reply to onDvine
In FF, it's under Tools|Options|Advanced|Encryption and then view certificates. Find Comodo, and click edit for each of them and uncheck the boxes. |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
1 edit | I unchecked and deleted all Comodo certificates in Opera, Seamonkey and IE7 and haven't had any problems. |
|
Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ | reply to hayc59
Isn't EVERY issuer doing this, and the only reason Comodo's come under fire for it because they also have a line of security products?
--
/chown -R us:us /yourbase |
|
KoRnGtL15
Premium
join:2007-01-04
Grants Pass, OR
| reply to Its a Secret
Thanks for the tip! I need to do the same with IE8. But not sure how to?
said by Its a Secret :In FF, it's under Tools|Options|Advanced|Encryption and then view certificates. Find Comodo, and click edit for each of them and uncheck the boxes. |
|
danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
clubs:
 ·VoicePulse
 ·Comcast
| reply to Trel
said by Trel :Isn't EVERY issuer doing this, and the only reason Comodo's come under fire for it because they also have a line of security products? Can you honestly say you would trust Comodo to protect you when at the same time they are issuing certificates to malware sites?
Sounds like they're trying to have their cake and eat it too which is philosophically impossible.
They have been told about this but continue to ignore it hoping it will go away. It won't.
I am one of those users, I was running CIS, that will no longer use any Comodo product on my computers.
They may have started out with the right idea but money became the name of the game.
--
"In times of universal deceit, telling the truth becomes a revolutionary act.."
George Orwell |
|
Trel
Good Evening
Premium
join:2002-10-08
Hillsborough, NJ
1 edit | said by danny9 :said by Trel :Isn't EVERY issuer doing this, and the only reason Comodo's come under fire for it because they also have a line of security products? Can you honestly say you would trust Comodo to protect you when at the same time they are issuing certificates to malware sites? Sounds like they're trying to have their cake and eat it too which is philosophically impossible. They have been told about this but continue to ignore it hoping it will go away. It won't. I am one of those users, I was running CIS, that will no longer use any Comodo product on my computers. They may have started out with the right idea but money became the name of the game. Well to be completely honest, I couldn't care less about that link, as I highly doubt the programmers are the same that issue the certs. I use Comodo 2.4 (never liked 3), but either way, it irks me to see JUST Comodo being bitched at for this when all cert issuers do it.
Don't get me wrong, I don't approve of this, but to me the problem isn't that Comodo is doing this. The problem is that ANY cert issuer does this. And they all do. Singling out Comodo seems to just confuse the issue.
--
/chown -R us:us /yourbase |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to Its a Secret
Simply unchecking Comodo certs is not enough. You must also uncheck for Add Trusted, Be Trusted and User Trust Network. They are all owned by Comodo. In Fx you cannot delete them. Well, you can but Fx will replace them next time you open the browser. Instead, disabling them as you have described is the correct and only effective way to do it in Fx.
In IE, UTN is User Trust Network. Click on Advanced tab and uncheck everything on each of them. Uncheck the Comodo one. Uncheck all A-Trust ones also.
In Opera, they are Add Trust, Comodo and UTN. You can uncheck both boxes or you can check both boxes. If you check both boxes then Opera will warn you before using the cert.
Fx3 is a mess for dealing with certs compared to earlier versions. In 1.5 if you have unchecked a cert, and you encounter a web site that uses a cert from that root issuer, Fx gives you a straightforward warning and asks if you want examine the cert, choose to never accept that cert, choose to accept it one time or always accept it. Fx3 is a great deal more complicated and you have to navigate through a bunch of windows designed to terrify the average user before Fx3 will allow you to examine the cert which is the first thing it should do like it does in 1.5. You need to examine the cert but Fx 3 thinks users are too dumb to do that (and a lot are).
Fx3 also is extremely misleading and lies to the user as it tells you that something is wrong with the web site. That is not true if you have unchecked all Root certs from Comodo! There is nothing necessarily wrong with the website. The user chose to uncheck those certs and unchecking them is the "problem". There could be something nasty at the website that uses one of those certs but not always. I keep GoDaddy unchecked because a lot of sites that are sleazy use GoDaddy because it is the cheapest. I want to know before I go to a secure site secured by GoDaddy. Fx 1.5 handles this correctly. Fx3 goes nuts. I just need to look at the cert (partly because I need to see who the issuer is) which Fx 1.5 understands and shows it to me immediately. Fx3 freaks out and makes it a hassle for me to examine the cert.
Mozilla is still seriously discussing yanking Comodo certs but the stumbling block appears to be that since that has never been done before they don't know how best to do it while causing the least disruption to users. At this point, I think they just need to yank them even if it causes some initial problems. I get chills every time I think about how Eddy Nigg was able to buy a cert for mozilla.com from a Comodo reseller with no attempt to check his identity. I think they should have yanked them back in January instead of the immense amount of discussion in the news group and the filing of bugs, etc. which is still ongoing.
--
"The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason |
|
danny9
Go Ahead, Make My Day
Premium
join:2002-07-14
Clinton Township, MI
clubs:
·VoicePulse
·Comcast
| reply to Trel
Many cert issuers are in that business. That's what they do.
Comodo is in the security business, the others are not.
They are supposed to be protecting us from the very sites they are selling certificates too.
That's the difference.
Instead of trying to contol malware they are adding to it.
I have to wonder how many users have been infected by these sites certified by Comodo.
--
"In times of universal deceit, telling the truth becomes a revolutionary act.."
George Orwell |
|
mers2
Premium,MVM
join:2004-03-20
USA
clubs:
 ·AT&T U-Verse
| reply to hayc59
Comodo is going to discover that they either have to be in the cert business or in the security business, you can't do both. Well, you can, but those who know better won't deal with them. I've been really disappointed with how Comodo has handled a number of situations and I won't be using any of their products simply because I don't trust them. |
|
hayc59
VoodooChild
Premium
join:2001-02-26
David R.I.P.
1 edit | reply to danny9
said by danny9 :Many cert issuers are in that business. That's what they do. Comodo is in the security business, the others are not. They are supposed to be protecting us from the very sites they are selling certificates too. That's the difference. Instead of trying to contol malware they are adding to it. I have to wonder how many users have been infected by these sites certified by Comodo. This is exactly the point no matter what company or programmers, its what they allow to be included in their software and being in the security sector is just not cool!
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security 2007-09
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
·Bell Sympatico
·Cogeco Cable
1 edit | reply to danny9
said by danny9 :Many cert issuers are in that business. That's what they do. Comodo is in the security business, the others are not. They are supposed to be protecting us from the very sites they are selling certificates too. That's the difference. Instead of trying to control malware they are adding to it. I have to wonder how many users have been infected by these sites certified by Comodo. Well said danny9 and i totally agree with what you say, and have unchecked removed everything and anything that deals with Comodo in the three Browsers i mentioned earlier in this thread.
Edit: i have never used Comodo products and never will, i never trusted that company for some reason.
--
The greatest mistake you can make in life is to be continuously fearing you will make one.
Next to knowing when to seize an opportunity, the most important thing in life is knowing when to forego an advantage. |
|
onDvine
Premium
join:2005-01-29
So. CA, USA
clubs:
·Verizon Online DSL
| reply to Its a Secret
said by Its a Secret :... Find Comodo, and click edit for each of them and uncheck the boxes. I did as suggested and found none of the boxes checked for any of 'em (see screen snapshot). Deleted all, but they were there again immediately when I reopened the section without doing anything else. Is it possible that since they're already unchecked, they have no ability to authorize anything? "Authorities" is the only tab that has anything in it at all. |
|
