Comodo Antivirus Tech Support Feature Lets Anyone Connect To Your PC

An anonymous reader writes: Google Project Zero security researcher Tavis Ormandy has discovered that one of Comodo's tech support tools packed with many of the company's security products leaves the door open for attackers to connect with admin privileges on the user's PC. He discovered that to blame for this problem was a remote desktop tool called GeekBuddy, which Comodo was bundling with its security software. This tool either used no password, or used a simple system to create the password which tech support staff would use to connect to user PCs. Ormandy previously discovered a similar issue in Comodo software, related to the company's Chromodo browser.

Comodo is amateur security

Comodo was also plagued with security issues on both their so called secure browsers based either on Firefox or Chrome. Neither of them stay up to date with the browser versions. I called them out on this a year or more ago. I said, how can you call these browsers secure? When it takes you weeks to update to the latest version release? After a dismal response I decided their motives were not genuine in protecting users. Stay away.

Re:Comodo is amateur security

[Win0ver]

They're a scummy company to say the least. They routinely call my company about our 'expiring SSL certificates', trying to make us renew with them, while pretending they issued our current certificates (which they obviously haven't).

They basically crawl the whole web looking for expiring certificates and call everyone, pretending to be the issuer.

Telling them to fuck off doesn't do anythying; they're still calling every time we have a certificate due to expire within a few months.

Oh and they're the only ones willing to provide a cert for TPB.