Do Not Rely on Comodo 3’s ‘Basic Firewall’

Yikes! Melih, the author of CFP, is not pleased at all at Finnie's take on all of this:

http://forums.comodo.com/feedbackcommentsannouncementsnews/how_would_you_rate_comodo_personal_firewall_and_what_to_improve-t24.0.html;msg127424#msg127424

 

I can't make head or tails of Melih's reply. English is obviously not his first language. He clearly disagrees with Finnie's assessment, but I have no way to evaluate his reply.

 

I'm not sure where to stand on this one!

As an employee of Comodo, we work hard to make the best security solutions out there, bar none. The post from Scot had some incorrect assumptions including the erroneous belief that in certain installation modes, Comodo Firewall Pro does not have outbound protection – when in fact it does. It is worth repeating -- Comodo Firewall Pro does provide outbound protection in all installation modes. Scot’s assertion that it did not to have outbound protection is a serious accusation based on his misunderstanding of the product. We are anxious to correct this misperception as misinformation can lead to the wrong conclusions.

Melih Abdulhayoglu, Comodo CEO explained his position regarding Scot’s post in the Comodo Forum  http://forums.comodo.com/feedbackcommentsannouncementsnews/feedback_cfp_3_basic_installation_merged-t18598.0.html;msg128025#msg128025

 

At Comodo a point of pride is that fact that we are open to feedback. Good and bad. There is no small irony to the fact that this “basic” firewall installation mode which caused all confusion was a last minute addition because users wanted that option. We will continue to respond to our users because that is what ultimately creates the most brilliant solutions. That’s as it should be.   

 

Judy Shapiro

Thanks for posting Judy.

 

I've been following the brouhaha between Melih and Scot with interest. It has become a bit heated, and I think there was some misunderstanding on both sides as to terminology and motives. But at least I now have a better understanding of what the basic CFP 3 does, and does not do.

 

To summarise (and correct me if I'm wrong):
1) The basic CFP 3 firewall, without Defense+/HIPS, does not protect against outbound malware
2) The basic version thus will not pass most leak-tests
3) The basic version does detect other outbound traffic, such as attempts by WMP and other legit apps to phone home. (In this sense I erred in stating it was no better than Windows FW, and hereby retract that statement.)
4) The basic version was offered because beta testers indicated they might want to use this with other HIPS protection programs.
5) The default (and recommended) installation is the full version, with D+.

 

I think Finnie worded his blog badly, but in his defense I would note that he is currently evaluating FW's with full outbound protection against malware. And he is right to exclude the basic CFP 3 from further contention on that basis. The full version is still in the running, and Scot has yet to give his final report and recommendations.

 

I also think there was a lot of confusion at large as to just how much protection the basic FW afforded, and I'm glad that this is now cleared up. I do think the title of this thread is still accurate, however. In my mind, the major point of getting a 3rd party FW is to protect against outbound malware, and by itself the basic version doesn't cut it.

 

As a very satisfied user of the full version, I look forward to reputable independent leak-testing websites confirming that it is as good as CFP 2.4
(and note that 3.0 has yet to be tested).