Comodo Antivirus Tech Support Feature Lets Anyone Connect To Your PC

An anonymous reader writes: Google Project Zero security researcher Tavis Ormandy has discovered that one of Comodo's tech support tools packed with many of the company's security products leaves the door open for attackers to connect with admin privileges on the user's PC. He discovered that to blame for this problem was a remote desktop tool called GeekBuddy, which Comodo was bundling with its security software. This tool either used no password, or used a simple system to create the password which tech support staff would use to connect to user PCs. Ormandy previously discovered a similar issue in Comodo software, related to the company's Chromodo browser.

GeekBuddy ðYðY

[OOSCARR]

It's not a bugd, it's a feature!

USA DoJ mandates Apple install ...

[Alain+Williams]

Comodo Anti-virus on all iPhones, "it is irresponsible of Apple to not protect its users using this fine software" -- next week's news.

Re:Comodo is amateur security

[Somebody+Is+Using+My]

Wasn't there a thing where Comodo was issuing false certificates for Google, Microsoft, etc. too a few years ago? I think their servers got breached too... Oh yeah, there was.

These guys have repeatedly been in the news for having problems like this. It certainly does not make for a very compelling reason to trust your security to them.

Re:Comodo is amateur security

[Win0ver]

They're a scummy company to say the least. They routinely call my company about our 'expiring SSL certificates', trying to make us renew with them, while pretending they issued our current certificates (which they obviously haven't).

They basically crawl the whole web looking for expiring certificates and call everyone, pretending to be the issuer.

Telling them to fuck off doesn't do anythying; they're still calling every time we have a certificate due to expire within a few months.

Oh and they're the only ones willing to provide a cert for TPB.