Smokey's Security Weblog

veritas odium parit

[UPDATED] Comodo Software Removed from Softpedia due to Adware/Spyware issues with CIS

Kudos to Softpedia! After reading their statement concerning Comodo Software, I can only tell Softpedia from this place: you have my full support. Pre-ticked boxes that will provide the user with crapware (adware/spyware) during the install of software is simply not done. It is sneeky behavior. Even worse, CIS – Comodo Internet Security install third-party software (SafeSurf), irrelevant to the main product’s functionality, without leaving room for option. Very indecent, especially because CIS is security software. This kind of software should protect the user, not to fool them with premeditation.

Softpedia article:

Stefan Fintea, Software News Editor
28th of April 2009

As all our regular users know, programs awarded by Softpedia with the 100% Clean and 100% Free awards have been thoroughly checked by our team of editors and passed several tests. Aside from the fact that all programs on Softpedia are scanned with world-renowned security products, all awarded programs are installed by our team and checked for any spyware or adware components.

We make sure the program doesn’t fall under any of the six cases mentioned on our adware definition page. Please be advised that this definition is our creation and has not been “borrowed” from an online or offline source. It was created by our team of specialists to ensure that it covers all cases that may result in the legitimate dissatisfaction of our users. Therefore, if we find adware in a program it will be listed accordingly, regardless of the license it’s listed under on the producer’s website.If the application has been found free of viruses/spyware and neither the installation process nor runtime experience reveal any unpleasant surprises, the program receives the 100% Clean award or, if it’s free for both personal and commercial use, the 100% Free award.A program will not receive any award (or even be published on Softpedia) if it’s impossible to successfully pass through all of the above steps. But if it is possible, as you can see, the rules are very strict and no exception will ever be made. If a program fails to pass the adware test, it will be immediately marked as Adware, regardless of its popularity, developer or current user rating on Softpedia.Now that we’ve cleared this up, you might be asking yourselves ‘OK, but what does this have to do with Comodo?” Well, if you had searched Softpedia for Comodo in the past week, you would have surely noticed that the company’s flagship programs were no longer listed on Softpedia.This was not our decision, of course, but let’s start with the beginning.On April, 15th, Softpedia received an official cease and desist letter from the Comodo legal team requesting us to “discontinue all references on Softpedia identifying CIS as adware” within seven days, because Comodo Internet Security is not adware.The first thing we did was, of course, to double-check the license, but, as we’ve tried explaining to the Comodo team, CIS is indeed adware.Why? Well, for starters, because the installer attempts to change both the browser’s homepage and search engine. As if that wasn’t a good enough reason, the setup also offers to install SafeSurf. Here’s what the official Comodo letter states: “SafeSurf is optional and does not display unsolicited advertisements on a user’s computer, nor does it hijack browser settings or perform search overriding or home page changing without the user’s consent.” Aside from the fact that SafeSurf is a component that the program (CIS) does not require to fully function, therefore it alone would be a good reason to mark CIS as adware, this utility also installs Ask Toolbar without asking for the user’s permission. This type of behavior is clearly not the one described in the Comodo email and could be easily classified as spyware (since adware would imply prior user consent).

Update: It was brought to our attention that users installing SafeSurf are informed in the utility’s EULA regarding the inclusion of software in their browser. Informing the user that third-party software irrelevant to the main product’s functionality will be installed without leaving room for option is not, by far, normal behavior. That would practically imply that producers can force users into installing any third-party software or changing their homepage or search engine and get away with it, because a notification was made in the EULA. Furthermore, the graphic provided in the setup window is clearly deceiving as it does not show the toolbar that is installed along SafeSurf.

Well said Softpedia, I have nothing to add.

Interesting read: “Current Practices of IAC/ Toolbars by Benjamin Edelman”

Softpedia invite you to provide their article with your opinion here.

Update, 3th of January 2009

This is interesting: by coincidence I noticed today that Softpedia removed their article regarding CIS (Comodo Internet Security) and also all comments on it. We can only guess for the why of this Softpedia trash action, but I don’t like this  suprising hide action at all…

I traced reactions of the Softpedia community on the trash action:

Interesting comment of one of these people, he wrote in bold so it seem he is not happy at all with the Softpedia ‘we-didn’t-wrote-anything-action’:

“Why did Softpedia remove all the pages, dedicated to this topic? I know that Comodo IS has been re-listed again on Softpedia, but all the articles ARE to be and should have been archived, but NOT simply deleted – the way Softpedia did.
Now I can’t comprehend whether the information and conclusions, issued by Softpedia’s staff can be trusted or, may be, that is a way of blackmailing software developers? I still don’t understand why all the articles with negative claims towards Comodo were removed from Softpedia. It’s abnormal – Softpedia has outraged our rights for information. Would be grateful for explanation from the Softpedia’s representatives.”

FWIW, a recent post on DSLR attented me again on the issue Comodo/Softpedia, thanks folks for waking me up!

Additional Update, 3th of January 2009

Here the opinion of loyal Comodo Trooper Endymion on the issue, posted May 06, 2009 in the Comodo forum:

“How nice for softpedia to withdraw some far-fetched claims. (ATM it should be still possible to read the previous revision form google cache before it will be wiped out.) Guess they still forgot to mention that there are other criteria for adware other than the ones which Softpedia Awards are based on and likewise that eventual FPs about legitimate toobars are usually corrected by many AV vendors.Nevertheless they made at least an attempt to remove some mistakes.”

and Comodo Chief Melih’s reaction on it:

“That was after our 2nd legal letter we sent this week!We asked them to remove all the statements that were defamatory. They seem to have a habit of changing stuff without explanation. Its very underhanded to change stuff and pretend that it didn’t exist and without explaining why they changed it.”

A certain darkwraith007 provide the Comodo community subsequent with his POV:

“[at] Comodo Devs:You have lost my respect. Be glad that your product comes without a monetary cost. I may still be needing to use it if only until Steve Gibson finishes his firewall (whenever that is) and it gets put to the test. Hopefully it’ll be free, but that’s doubtful.I can’t believe there’s so much back and forth between the meaning of this word and that word and so forth.PEOPLE DO NOT WANT THE ASK.COM TOOLBAR OR OTHER CHANGED BROWSER SETTINGS, DO YOU UNDERSTAND THAT?I hope you all can understand that and repair the reputation you have tarnished among your users. I miss the days of the Kerio Personal Firewall…now its a paid product. >_>If you respond to crticism of your product by sending legal letters, then perhaps I’m not wanted here.”

Stay tuned!

April 30, 2009 Posted by | Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links, Toolbarware | , , , , , , , , , , , | Leave a comment