Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comodo Antivirus Tech Support Feature Lets Anyone Connect To Your PC (softpedia.com)

Posted by timothy on from the general-purpose dept.

An anonymous reader writes: Google Project Zero security researcher Tavis Ormandy has discovered that one of Comodo's tech support tools packed with many of the company's security products leaves the door open for attackers to connect with admin privileges on the user's PC. He discovered that to blame for this problem was a remote desktop tool called GeekBuddy, which Comodo was bundling with its security software. This tool either used no password, or used a simple system to create the password which tech support staff would use to connect to user PCs. Ormandy previously discovered a similar issue in Comodo software, related to the company's Chromodo browser.

33 comments

  1. GeekBuddy ðYðY by OOSCARR · · Score: 3, Funny

    It's not a bugd, it's a feature!

  2. USA DoJ mandates Apple install ... by Alain+Williams · · Score: 5, Funny

    Comodo Anti-virus on all iPhones, "it is irresponsible of Apple to not protect its users using this fine software" -- next week's news.

  3. Why do these bozos still exist? by Anonymous Coward · · Score: 1

    Their certificate booboo wasn't their fault? I don't believe it. They just successfully dodged the blame.

    Instead of a three strikes law against consumers, I want one against obviously incompetent security companies.

    1. Re:Why do these bozos still exist? by Anonymous Coward · · Score: 0

      why do they exist? simple. Their level of incompetence is a tactical asset. :D

      a better question would be, how insane do you have to be to think that KOMODO stands for anything but incompetence and pretty words on paper?

    2. Re: Why do these bozos still exist? by Anonymous Coward · · Score: 0

      Let's see. Monitor all queries, scan all your files, collect all your browsing habits for FREE! Fuck comodo in their ass. I can't even comprehend the stupidity behind assuming their free crap is useful.

  4. Comodo is amateur security by Anonymous Coward · · Score: 2, Informative

    Comodo was also plagued with security issues on both their so called secure browsers based either on Firefox or Chrome. Neither of them stay up to date with the browser versions. I called them out on this a year or more ago. I said, how can you call these browsers secure? When it takes you weeks to update to the latest version release? After a dismal response I decided their motives were not genuine in protecting users. Stay away.

    1. Re:Comodo is amateur security by Somebody+Is+Using+My · · Score: 3, Insightful

      Wasn't there a thing where Comodo was issuing false certificates for Google, Microsoft, etc. too a few years ago? I think their servers got breached too... Oh yeah, there was.

      These guys have repeatedly been in the news for having problems like this. It certainly does not make for a very compelling reason to trust your security to them.

    2. Re:Comodo is amateur security by Anonymous Coward · · Score: 1

      Follow the money:

      The anti-virus industry is a multi million dollar industry. The malware / virus / ransomware et. al. industry is potentially a multi-billion dollar industry with security breeches netting millions worth of data (banking data etc) in single hauls.

      It doesn't seem so far fetched to believe that the people making security software are taking back handers to do a bad job on purpose. Pure speculation of course but this does fit with how the world works. At best, even with the best intentions and no skulduggery, the security software industry is simply outmatched by the people who are on the other side of the fence.

    3. Re: Comodo is amateur security by Anonymous Coward · · Score: 0

      Anybody who first hands out a FREE shitty fw and then throws in av software AND a browser?... You'd have to be a fucking moron to not realize they are fishing for your data.

    4. Re:Comodo is amateur security by Win0ver · · Score: 3, Informative

      They're a scummy company to say the least. They routinely call my company about our 'expiring SSL certificates', trying to make us renew with them, while pretending they issued our current certificates (which they obviously haven't).

      They basically crawl the whole web looking for expiring certificates and call everyone, pretending to be the issuer.

      Telling them to fuck off doesn't do anythying; they're still calling every time we have a certificate due to expire within a few months.

      Oh and they're the only ones willing to provide a cert for TPB.

  5. Comodo by Anonymous Coward · · Score: 0

    I wonder how much longer the name Comodo will have any value.

    1. Re: Comodo by Anonymous Coward · · Score: 0

      Up next, the free ComodoPhone.

  6. Comodo: Firewall good, AV bad by Anonymous Coward · · Score: 1

    Comodo's firewall program is pretty nice for blocking things that you don't want to phone home, things that just shouldn't need internet access, or things that you want to disable automatic updates on.

    I've used it for a long time, although after struggling with a recent UI update that made things more naggy and less useful, I recommend searching for "old version" and getting version 5.3.

    One of the things the newer versions nag about is installing the antivirus and "GeekBuddy" crap.

    So, assuming that this security flaw isn't present for people who use the firewall only, my anecdotal experience says that the firewall is a very useful tool, but there are easily better (free) antivirus options.

    1. Re:Comodo: Firewall good, AV bad by Anonymous Coward · · Score: 0

      Comodo's firewall was (and still is) recommended on Matousec's proactive security challenge.

      I'm using version 5.5; haven't updated it since installing, and turned off all call-home and cloudy features. I'm quite happy with it. The UI could be better.

      Is there anything specific in 5.3 that is 'better' than 5.5?

    2. Re:Comodo: Firewall good, AV bad by Anonymous Coward · · Score: 0

      Hm, scratch that note about cloudy features. I can't find those in the settings dialogs. It must've been a different firewall. I sampled a handful of firewalls before settling for Comodo. One of them had a feature where it asks online whether an executable should be trusted or not.

    3. Re:Comodo: Firewall good, AV bad by Anonymous Coward · · Score: 0

      "I recommend searching for "old version" and getting version 5.3."

      Yes, Yes! Let's use older versions of a security product which is probably more vulnerable to issues patched in later versions. This reminds me of people who run ancient versions of Firefox and other internet tools which are more easily compromised because they haven't been patched (to cover latest security threats/bugs)! I've seen people treat security products like they would a toaster. Well, it works, it's doing it's job, so why not leave it be?

    4. Re:Comodo: Firewall good, AV bad by Anonymous Coward · · Score: 0

      and don't forget many of these "old version" sites don't provide checksums to verify the programs. they just don't give a shit!

      if you must run older versions of software, do so only on an airgapped computer with checksums which can be verified and matched 100% with checksums provided by the original developer(s). Can't find those old checksums? Aw, too bad.

  7. bundling by Anonymous Coward · · Score: 0

    who asked them to bundle that crap? just give me the damn AV... when i buy bread, nobody bundles the peanutbutter

    1. Re:bundling by aliquis · · Score: 1

      who asked them to bundle that crap? just give me the damn AV... when i buy bread, nobody bundles the peanutbutter

      Restaurant:
      - You forgot to give me any butter!
      - ??, that will be $2.

  8. "He discovered that to blame for this problem..." by Anonymous Coward · · Score: 0

    "He discovered that to blame for this problem was a remote desktop tool called GeekBuddy,"

    Fucking American idiots.

  9. New AV, now with Back Orifice! by Anonymous Coward · · Score: 0

    Or netbus...

  10. Re:"He discovered that to blame for this problem.. by Anonymous Coward · · Score: 0

    "He discovered that to blame for this problem was a remote desktop tool called GeekBuddy,"

    Fucking American idiots.

    Generalize much?

  11. Re:GeekBuddy by freeze128 · · Score: 2

    What really grinds my gears is when companies sell you a product that duplicates features that are already built into the Operating System. Why use GeekBuddy, when Windows already has Remote Assistance built right in, and is more secure.

    It boggles the mind!

  12. How are they still in business? by ilsaloving · · Score: 1

    I don't understand how a company that claims to be in the security business, can screw up so much, and so often, and still be in the security business.

    They severely botched their browser, their support tools, their certificates.... You couldn't trust these people to warm up a pre-cooked hot dog without giving you salmonella.

    It's amazing how instead of taking companies like these to task over their continual screw ups, they are either ignored at best, or rewarded at worst.

  13. Re:GeekBuddy by PRMan · · Score: 2

    Have you tried to use Remote Assistance? Trying to get a non-techie user to set it up so you can get in takes an hour if at all.

    I use Join.me, which people can generally do in about 5 minutes.

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
  14. This is wonderful by Anonymous Coward · · Score: 0

    There's another program called niggerbuddy I use that does something similar.

  15. subjects are stupid by Anonymous Coward · · Score: 0

    This was published at least a couple of weeks ago. If you're going to turn /. into a lifeless news aggregator, at least keep it up to date. Seems I can get better news much easier on Reddit.

  16. Re:GeekBuddy by blindseer · · Score: 1

    Perhaps because the developer believe that they can do better than Microsoft. This is something that might not be all that high of a bar to hurdle generally speaking.

    --
    I am armed because I am free. I am free because I am armed.
  17. Re:"He discovered that to blame for this problem.. by Anonymous Coward · · Score: 0

    "He discovered that to blame for this problem was a remote desktop tool called GeekBuddy,"

    Fucking American idiots.

    Generalize much?

    No, you're holding it wrong.

    Instead: All you people generalize too much.