To Customer Support To Customer Support

Comodo's 'security' kit installed a lame VNC server on PCs on the sly

  • 19 February 2016
  • 6 replies
  • 360 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Modern antivirus: Easily crackable password, lets malware gain admin privileges

 
                                         


  18 Feb 2016 at 23:10, Iain Thomson Google's Project Zero has found yet another blunder in Comodo's internet "security" software – a VNC server enabled by default with a predictable password.
 
Earlier this month, Googler Tavis Ormandy pointed out that Comodo's custom web browser, dubbed Chromodo, was about as unsafe as a lace condom thanks to terrible security settings. Now Ormandy has found Comodo's software included a remote desktop tool that is ideal for hackers.
 
Full Article

6 replies

Baldrick
Rank
Userlevel 7
Never been a big fan of Comodo...don't like their sharp practices...so not really surprised by this...looks to be quite typical of their slapdash approach to things.
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
@ wrote:
Never been a big fan of Comodo...don't like their sharp practices...so not really surprised by this...looks to be quite typical of their slapdash approach to things.
Your feelings mirror mine, I have never liked them since they took ove BOClean.
R
Rank
Userlevel 7
OOOOPS!!!! Now comodo has to go back to the drawing board. That is somewhat embarrassing for them. They are always touting how good they are in the security area.
Baldrick
Rank
Userlevel 7
Not embarassing...they never get embarassed as they have such a brazen, cavalier attitude and inflated view of their prowess/skills. LOL
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
R
Rank
Userlevel 7
By Mark Wilson
 
http://betanews.com/wp-content/uploads/2016/02/tech_support.jpg
A researcher from Google Project Zero discovered a serious security issue with the technical support tools supplied with Comodo software products. Tavis Ormandy found that Comodo Antivirus, Comodo Firewall, and Comodo Internet Security all included a bundled VNC server with either no password protection, or a very weak password.
GeekBuddy is a remote desktop tool used by support staff to troubleshoot customer problems, but it also serves as a backdoor that allows for near-unrestricted access to users' computers. The tool installs with full admin rights, meaning that an attacker could very easily gain complete control of a remote computer.
 
full article here:
Baldrick
Rank
Userlevel 7
WHOLLY unsurprising and hopefully this will highlight to people precisely what Comodo are.;)
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.