Long-time Scot’s Newsletter readers know this, but the newsletter’s transformation to a blog makes it a bit more public than it was, and I think it’s important to make something clear:
Scot’s Newsletter does not accept any payment from any computer product vendor. I don’t do product consulting of any sort. I do not accept random payments of any sort from any computer software or hardware maker.
Comodo’s president and CEO, Melih Abdulhayoglu, used his forum today as a podium to blast this Scot’s Newsletter Jan. 20th blog post. In that post, I notified readers here of my decision to stop considering one of the two modes that his company’s software firewall product, Comodo 3, offers during installation.
In the Jan. 20th post, I explained that because Comodo 3’s “Basic Firewall” installation option does not offer full-fledged leak protection, and because my first impressions of Basic Firewall’s user-interface were favorable, I needed to make a statement to my readers that:
The following is an excerpt from an email message sent to me by Dan McCoy, an SNB reader and VAR who configures and sells Windows XP PCs to businesses. The issue McCoy details is apparently localized to OEM Windows XP Pro SP2C CDs. But since Windows XP is due to stop being sold in the retail channel, OEM and possibly some other editions of Windows XP not generally available to the public will be the only ones sold after the end of this month.
Microsoft released a revision of Windows XP Service Pack 2 called Windows XP SP2C recently. The media for SP2C is not interchangeable with previous versions (SP2B, SP2, SP1, and XP original). You used to be able to take a PC that came with any Windows XP PC and use any of the same class (home or pro) media to do a fresh install and still use that code on the COA (certificate of authority) on the side of the case. Not any more. The codes that come with SP2C media only work with SP2C media and vice versa — forcing people to buy new copies of Windows XP in order to get the latest update.
For an important update to this blog post, please see this more recent post.
Note: This story has been updated for clarity on 1/22/2008 and 2/2/2008. Nothing has changed about my recommendation.
Because I have written in the recent past with an initially positive reaction to Comodo 3’s “Basic Firewall” installation option, I am honor-bound to post this quick message.
I have learned directly from Comodo executives that the Basic Firewall installation option of Comodo 3 offers only marginal outbound leak protection, not up to the levels of Comodo 2.4 or 3.0. The company may add that protection in a future version of Comodo 3.x. The Basic Firewall option turns off Comodo 3’s Defense+ HIPS module (which constitutes the “Advanced” default installation mode). Defense+ provides the leak protection for Comodo 3.
The previous generation of Comodo, version 2.4, provided anti-leak protection without the new HIPS module.
Not only does this mean that Comodo 3’s optional Basic Firewall mode is no longer a contender in this blog’s firewall evaluation, but if you’re relying on the Basic Firewall mode of Comodo 3 for your firewall protection, you should stop doing so. Windows XP users should switch to Online Armor Free version 2.1.0.31 (or newer) and Vista users should uninstall Comodo 3 and reinstall it, choosing the “Advanced” installation option.
[Note: Since I wrote that last sentence, Comodo has pointed out that you don’t have to uninstall and reinstall Comodo to switch to the Advanced mode but can instead do so by turning on the Defense+ HIPS module. The steps for making the change aren’t immediately obvious, however, so here’s how to do it: Open the Comodo 3 program window. Click the Defense+ icon near its upper right corner. On the left side of the window, click the Advanced button. Click the the last icon, Defense+ Settings. At the bottom of the next configuration screen, remove the check in the box beside “Deactivate the Defense+ permanently.” Comodo will prompt you to restart your computer. You must do so to enable full protection.]
Comodo 3’s “Advanced” default installation mode remains under consideration in my ongoing software firewall evaluation process.
More details will follow in the near future.
– Scot
My reaction to Apple’s announcements at this year’s Macworld earlier this month was largely that they were uninspiring. Hard to follow the iPhone, though. The big news is the debut of the sleek MacBook Air subnotebook. No doubt that this product has serious allure, but is it ready for prime time?
Check out my takeaways about MacBook Air at my Computerworld blog.
Besides, I could use some friendly faces over there!
– Scot
Tall Emu, a small but dedicated software company based in Australia, has been quietly developing and refining Online Armor almost as if it were reading Scot’s Newsletter’s specifications for the ideal software firewall for Windows XP and earlier. Some of those specs include (updated 1/22/2008):
Another specification is that the firewall support Windows XP (at least) and Windows Vista. (At the moment, Online Armor does not support Vista. Tall Emu plans to add that support in a forthcoming though possibly not imminent release.)
This post is a sneak peek into my current testing and research on software firewalls for Windows since I last wrote about this topic six weeks ago. In that article, I admitted Online Armor as a last-minute entry into the comparison to give Comodo 3 one last run for the money.
Over the last month and a half, I have received scores of helpful messages from Scot’s Newsletter readers detailing their experiences with Online Armor 2 and Comodo 3. I have also tested the paid version of Online Armor. My research has not concluded yet. I’m waiting for the next version of Online Armor because of a handful of issues with the product (installation mode doesn’t work that well and the documentation for the paid version is very spotty). Overall, however, people testing Online Armor who’ve written to me about it are very positive about it. Few people are reporting serious problems. The same cannot be said for Comodo 3, whose makers have released three or more iterations of Comodo 3 because of several bugs, crashes, and errors.
When you install Comodo 3 in its Basic Firewall installation mode — which doesn’t install the HIPS (host-intrusion-prevention system) — it’s a much more reliable and usable product. But it’s also potentially less protective than Online Armor’s built-in HIPS protection. I’m also beginning to become disillusioned with Comodo’s approach to software development. The company culture appears to favor hurry and time to market over testing and polish. I realize the product is entirely free. But when you experience a serious problem as some people have with Comodo 3, it becomes your time and frustration.
I have to stress the point that I have not had trouble with Comodo 3. It works pretty well for me (except for a bug related to its Help facility that caused a crash in the first release of Comodo 3). But I have had numerous emails from readers about their problems with Comodo 3. Many of those people have gone back to Comodo 2.4 or switched to some other firewall.
So, at this juncture, I’m leaning toward Online Armor, which has been 100% trouble free for me. I still have to perform security tests on Online Armor. Plus I need more time with it. And I’m waiting for an update to the product to see whether a few areas improve. Online Armor is a relatively young product. Its makers are still adding significant new functionality.
I’m still looking for your input on the latest versions of these two products. If you’re using Comodo 3 or Online Armor 3 (or both), please take a moment to send me your experiences, positive or negative, with the two software firewalls:
Or you can post them right here as a comment to this blog entry.
Stay tuned for a final software firewall recommendation. For more information on Windows software firewalls, check out the entire software firewall evaluation series.
Just a quick note to let longtime subscribers of Scot’s Newsletter know that the planned merger of the HTML and text lists has taken place. The subscription tools have also been upgraded (and greatly simplified) to support the change.
It’s important to note that Scot’s Newsletter has become the Scot’s Newsletter Blog Notification List. It is now a text-only, blurb-and-link newsletter that links to the blog. I merge/purged the HTML and Text lists into one. There’s no need for those previously subscribed to the HTML list to unsubscribe and resubscribe. This change is automatic for all subscribers and completely invisible.
So, beyond that … where’s your Scot’s Newsletter Blog content? It’s coming. As I do every year around this time, I took a vacation the last 10 days of December — which pushed me back quite a bit.
Expect a software firewall update in the near future. I’m also testing NOD32 3.0 (so far so good for me, but I’m hearing about issues).
Ciao,
– Scot