In an update on 31 March 2011, Comodo stated that it detected and thwarted an intrusion into a reseller user account on 26 March 2011. Comodo also stated that it was actively looking into ways to improve the security of its affiliates. The attack was immediately thwarted, with Comodo revoking all of the bogus certificates. Though the firm initially reported that the breach was the result of a "state-driven attack", it subsequently stated that the origin of the attack may be the "result of an attacker attempting to lay a false trail.". Moxie Marlinspike analyzed the IP address on his website the next day and found it to have English localization and Windows operating system. The attack was traced to IP address 212.95.136.18, which originates in Tehran, Iran. Nine certificates for seven domains were issued. On 23 March 2011, Comodo posted a report that 8 days earlier, on 15 March 2011, a user account with an affiliate registration authority had been compromised and was used to create a new user account that issued nine certificate signing requests. Though this showdown did not take place, Comodo has since been included in multiple independent reviews with AV-Test, PC World, Best Antivirus Reviews, AV-Comparatives, and PC Mag. Symantec responded saying that if Comodo is interested they should have their product included in tests by independent reviewers. In fact you have to go all the way back to 2006 to find an AV roundup where viruses were missed by some companies." Our most recent AV review this year showed no functional difference between free and paid programs in terms of stopping viruses, and it's been that way for many years. GCN'S John Breeden understood Comodo's stance on free Antivirus software and challenging Symantec: "This is actually a pretty smart move based on previous reviews of AV performance we've done in the GCN Lab. In response to Symantec's comment asserting paid antivirus is superior to free antivirus, the CEO of Comodo Group, Melih Abdulhayoğlu had challenged Symantec on 18 September 2010 to see whether paid or free products can better defend the consumer against malware. Melih Abdulhayoğlu invited top browser providers and certification authorities to a round table to discuss the creation of a central authority responsible for delivering digital certificate issuance best practice guidelines.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |