Comodo Sells Out To HopSurf, Loses Sight Of Priorities

Comodo, the security software company known for their array of products including the very popular Comodo Personal Firewall has recently made a deal with HopSurf to install their toolbar with every installation of Comodo Personal Firewall.  This isn’t the first time Comodo has had the option for a toolbar to be installed along with their software.  According to the Security Garden, Comodo previously would install the Ask.com toolbar, however, had promised to remove the Ask toolbar from their installer (which they did), but, now it has been replaced by HopSurf (see screen shot below – thanks to Calendar of Updates).

comodoinstall

I’m all for businesses making money, but, I also believe in business ethics and setting your priorities correctly.  This move by Comodo is in poor taste and quite frankly it portrays them in a negative light which it can (and probably will) come back to haunt them later.  The first problem with this move is that the toolbar is ticked by default (which means most people will have it installed) and the second problem is that because of this move by Comodo they will be destroying their greatest asset of all – the free advertising and expert recommendations that the anti-malware community provides to millions of people every year.

If Comodo thinks that the security community will continue to recommend their product, they are dead wrong.  The people who recommend Comodo after cleaning up a malware infected computer on forums across the web will no longer be doing so.  These helpers on various forums are volunteers, they do it for free and because they want to help people.  It does not hurt them (the helpers) any if they do not recommend your product (Comodo Firewall), but, it will (does) hurt you (Comodo).

Comodo, you need to set your priorities straight.  For starters, try reading your slogan “Creating Trust Online” because you certainly lost my (and many others) trust with this latest stunt.  I will no longer be recommending your product to anyone and I’m sure the rest of the security community is right behind me.

I hope you enjoyed all of the free advertising and recommendations because it’s stopping right now.


— Jeff Weisbein

Jeff is the founder & CEO of BestTechie. He has over 10 years of experience working with technology and building businesses. He loves to travel and listen to music.




Comments


  1. Comodo have been doing this for over 6 months with their own “safesurf” tool bar before this. So, this is nothing new.

    However, just because Comodo like bundling toolbars with their products, doesn't make the products bad enough for me to stop recommending them. Their firewall is a powerful peice of software, and the fact that it's free makes it even better. Toolbar or no toolbar.

    Even then, if I can remove malware such as Vundo, what's stopping me from removing a simple toolbar if I installed it by accident?


    • You totally missed the entire point here. It's not a matter of the software being good or bad, it's a matter of principals, priorities, and ethics.

      The fact that it's ticked by default is unethical, especially, since this company claims to be a security company which is supposed to protect its users from malware, viruses, torjans, and installers installing 3rd party software like this on users computers.

      Not to mention, there is no sign that they won't be adding more 3rd party software (even more potentially annoying/harmful software) in the future. The fact you can untick is irrelevant because it is ticked by default, and most people aren't you or me, so they will click right through and install it out of plain ignorance or just because they are in a hurry to install it.


    • My main concern is what besttechie has said: People who are not advanced users. The victim are the non-advanced users. They think it is OK, it is needed or it is required, and/or it is safe because they trust the security vendors will not install third party componets or services. How many times we've seen users posts in forums that they have no idea which software has changed their homepage, search page or have added a toolbar? This method use by security vendors bundling and pushing their product is same method of what we generally call as adware and PUPs.

      The 2nd concern is: There is no HopSurf and Ask.com EULA. Where is the EULA of HopSurf and EULA for Ask.com in the above screenshot? There is third party service involved in the installer. There should be 3 EULA. There should be clear disclosure by Comodo on what type of service does HopSurf will provide. There should be an option for people to see, read, agree or disagree with the EULA of HopSurf because HopSurf is entirely different software from CIS. The EULA of CIS does not apply to HopSurf and Ask.com

      Why 3 EULA you might ask…
      1. EULA for CIS – displaying to the people a license agreement in using the firewall and AV and update services/server in using Comodo.
      2. EULA for HopSurf – because Comodo's CEO claim that HopSurf is their software but since it's another application that is unrelated to CIS, there should EULA of HopSurf. On what the service is for and what people should know in using HopSurf.
      3. EULA for Ask.com service – because there is privacy concern in using Ask.com search when people use the said search via toolbar that is not Ask Toolbar. And because Ask.com is not Comodo, there should be EULA in the above installer for using Ask.com

      When they released CIS with HopSurf, there is 2 EULA online. None of EULA is linked in the above installer. They claim that one of the EULA is a mistake or both. Melih said there is another correct EULA which is in PDF format. Now.. this makes you wonder already whether this company is serious in providing privacy and security to its end-users. There is a concern here.

      The 4th concern: Why Comodo is not telling the truth that this HopSurf was created because of their partnership with IAC/Ask.com. At least, Symantec was professional enough to make a press release and admit that because of their partnership with IAC/Ask.com, they will integrate Ask.com on their Norton Safe Web Toolbar. Comodo is denying that HopSurf was created because of the partnership they have with IAC/Ask.com.

      The last but not the least concern on Comodo as company: Why Comodo have to create too many domains and services that try to show to people how good they are in trying to make the internet safe and sound if they themselves cannot control or monitor the issuance of their certificates. Imagine, fraudsters is able to get the trust by some people in buying their fake AV because they are carrying some Comodo issued certificate. Their defense is that they are not alone in doing this. That's true but are they doing the best practice in preventing the said security/privacy incident? If so, how? Why after so many months (since Winfixer days), there is still reports by trusted researchers/analysts like MVP Mike Burgess and MVP Steven Burn that their cert continues to be use by malware domains and frausters? There is little action from them. If this type of incident occured in Mozilla, Google and Microsoft, people goes mad. These 3 vendors will act soon and make advisory with acknowledgement/credits and solution so it will not happen again while Comodo is not doing this. They get angry. They questioned the ethics of people who reports. They accused me of witch hunting. They cannot even identify where is my blog and who is blogging LOL
      Corrine's blog, Mike's blog and my blog is not the same but Melih said it's Donna's. He don't know how blogging works and yet they offer HopSurf that will rate a blog site.


  2. Their “greatest asset of all” is their well written software product and the intellectual property IP backing it up. That people install it, and other people recommend it is a spin-off/ sideeffect of it being well written, and Free. Yes, that’s the truth of it – Free & good are what got the “anti-malware community”‘s attention. They earned this groups props. And because it works well and is now popular the earned the free money Ask and Hopsurf are offering them.

    Ask.com is a major search engine – always has been top 10 and is sometimes top 5. It is not malware – you have malware in your brain, that is how this action got twisted around in your blog. Do you know what malware does? It takes something good or free or both and tures it into something bad…
    Hummm… this sounds like your blog post, you took a story about a product more popular than you, and tried to spin it in a negative light – you, mister, are malware.

    PS: thanks for the update that they switched to a new toolbar.


  3. This is very short-sighted. Comodo developed HopSurf toolbar and replaced Ask toolbar. See this link: http://forums.comodo.com/feedbackcommentsannoun

    Being a malware researcher for Comodo, I do not like such comments. I specifically tested HopSurf and have not found any threats.

  4. Rennegadde says:


    The screen shot you posted along with your rant shows very clearlt that there are easy-to-use check boxes you can un-check if you do not want HopSurf. What's the problem? Too lazy or hurried to just un-tick them?

  5. justingoldberg says:


    Perhaps the better all-around solution for Comodo and for any software that installs toolbars without the end-user realizing what they are actually doing is to not use a check box but rather tell the user in the wizard if they would like to install the toolbar, and have a yes or no box, with neither choice checked on by default, where they have to actually make a choice, and show them what they are really installing. Maybe even link to a flash or slideshow tour of HopSurf on their website.


  6. Sadly ZoneAlarm are doing exactly the same, but with Conduit malware secretly installed behind their firewall. ZoneAlarm mentions NOTHING about this deceitful little trick. Their install box says:

    [x] Sets my default search to Google-powered search

    Note: “Google-POWERED”…… NOT Google!!! There’s a middle-man secretly snooping on and filtering your searches. And who knows what else?!!!

    I know you’re supposed to read the EULA, but who does that for every piece of software nowadays? Especially when it is designed to look innocent, and comes from a supposed reputable company? ZoneAlarm maintains that the toolbar is “optional”, but the user choices are deliberately designed to deceive the user, and they USE and ABUSE the TRUST of the user, that has often been built up over years of experience with ZoneAlarm.

    I came to this page because I wanted to find an alternative to ZoneAlarm, and reviews seemed to be excellent. Now I see that Comodo is no better. Thanks for the info!

Speak Your Mind

*