Comodo adds VPN, attacks competitors

An on-demand Virtual Private Network gets bolted into Comodo Internet Security and its quick scan gets a boost, as Comodo vigorously asserts its security suite is the best available.

Comodo Internet Security 5.9 detects new Wi-Fi connections and asks if you'd like to begin a VPN connection. (Credit: Screenshot by Seth Rosenblatt/CNET)

An on-demand Virtual Private Network and a better "quick scan" take their bows in Comodo Internet Security 5.9 (download), released today. Along with the new features, a Comodo Security Solutions spokesman had some tough words for the competition.

Comodo Internet Security 5.9, which despite following the security industry naming convention for paid suites is actually the name of Comodo's free suite, now supports the company's TrustConnect VPN service. TrustConnect uses 128-bit encryption to provide addition Wi-Fi protection, although it doesn't anonymize your traffic like Hotspot Shield does. The TrustConnect integration will automatically detect unsecure Wi-Fi networks and offer to activate the VPN.

The inclusion of support for TrustConnect in Comodo Internet Security does not make the VPN free. Users can pay for the tunnel access on demand, starting at $3.99 for a 24-hour pass, a monthly unlimited subscription for $8.99 a month, or a yearly unlimited subscription for $99.95.

Other changes in Comodo Internet Security 5.9 include a new "quick scan" engine, called Smart Scan. It replaces the Critical Scan option. Comodo's director of Desktop Security Products Egemen Tas says that Smart Scan is based on the company's Autorun Analyzer Technology, although it hasn't released numbers on how much faster users ought to expect Smart Scan to be.

There have also been tweaks to malware removal, some options have moved from the generic Preferences section to the settings panes for the features that they related to. Comodo has also added a download link to Comodo Dragon, the company-branded, security-minded free remix of the Chromium source code that powers Google Chrome. A pop-up window for Comodo's Geekbuddy tech support that appeared in the beta version of version 5.9 was removed, said Comodo spokeswoman Sarah Thomas, because it was "too aggressive."

Criticizing competitors
Tas didn't mince his words when asked about how Comodo differs from its competition. "Other antivirus companies want you to get infected," he told me in a phone interview on Friday. He compared Comodo to an insurance company, which protects you against financial loss, whereas the competition he said is, "like a pharmaceutical company," making money off of selling you a product you must have to survive. He also noted that Comodo has offered a $500 guarantee to customers if they get infected after installing one of Comodo paid products.

"We care about detecting," Tas said, "but it's not the first line of defense. The industry is switching to a more protection-based approach," something he says Comodo has been doing for a long time.

Some of Comodo's competition disagreed that they want customer's PCs to get infected. Representatives from several security suite vendors, including Avast, Kaspersky Lab, Bitdefender, and AVG said that the guarantee was a marketing ploy and pointed to the fine print of the guarantee, which clarifies that Comodo will only pay if the computer can't be repaired "to an operating condition."

Tony Anscombe, a representative from AVG, said in an e-mail, "The comment that most AV companies want consumers to have a breach is just marketing hype that makes for sensational news stories and advertising content."

"There are people who believe the 'conspiracy theory' that security vendors allow malicious software to exist for the benefit of their own business. Kaspersky Lab categorically rejects this notion. Furthermore, we believe it is completely irresponsible for a security vendor to reinforce these kinds of lies," Greg Sabey, senior technology PR manager for Kaspersky Labs, said in an e-mail. "Suggesting that some vendors intentionally allow malicious infections is absurd - trust and reputation make up the foundation of the IT security industry. In fact, Kaspersky Lab has a long track-record of working with international law enforcement agencies to disrupt cyber-crime organizations," he concluded.

In regards to Comodo's payout, Tas wrote in an e-mail to me that, "No one has ever claimed it."

One person who requested anonymity said Comodo is known for being provocative and pointed to a challenge by Comodo CEO Melih Abdulhayoglu to prove that Symantec was better than Comodo. According to the results of the that test, Symantec bested Comodo.

And Andrew Storms, the director of security operations for the security consulting company nCircle, added that while it was doubtful that security suite makers wanted customers to get infected, they probably wouldn't mind if their customers are attacked by known viruses that can be blocked. "After all, anti-virus users experience real return on investment when anti-virus software finds and protects their computer against an some new attack."

Results from independent testing organizations such as shows that while Comodo ranges between acceptable and very good at offering protection, it's not at the top of the field. AV-Test last looked at Comodo Internet Security 5.3 and 5.4 for its Q2 2011 test in June 2011. Comodo did not receive certification. Nor did Comodo submit to testing by AV-Comparatives' whole product test, whereas many of its competitors do. The most recent Comodo version checked by West Coast Labs' Checkmark certification was Comodo AntiVirus 4.0, more than a year ago. While it's true that some independent organizations such as Matousec rate Comodo's firewall very highly, it's safe to conclude that the suite's overall performance at stopping threats has either been inadequately tested publicly, or could be much improved overall.

The company has also been in the news this year for a digital certificate security breach. While not directly connected to the security suite, it does call into question some of the company's security procedures.