I initially only installed “Comodo Firewall” but for some reason they also installed a “Comodo Dragon Browser”, which I did not consent to. I always choose the “advanced” installation to uncheck bloatware, but in this case there was none and when you try to uninstall the browser, they force you to participate in their survey otherwise you won’t be able to uninstall the software…
To be fair, hooks can pose a security risk despite how useful they may be, and I would like to have control over such things. The Windows API made things like global shortcuts very easy to implement by writing a key logger instead of using the proper API, so many programs abused hooks and other risky APIs for these purposes.
The Windows API also makes it trivial to use these hooks without any kind of UI like recording software usually shows. There are combinations of window flags, positioning, window style, and weird compositioning tricks that will make these windows invisible to the user but seem like a normal screen recorder to any security software running.
Of course you should never enable such low-level security software if you don’t know what keyboard hooks are and how they work. I believe Comodo did warn you that some security levels were intended for experienced users, but like the Windows team discovered, every single user considers themselves experienced gods of IT if you hide options behind such warnings.
The real problem wasn’t Comodo or any tools like it, the problem was that Windows software used malware like low-level interceptions for things that could be accomplished using much better APIs they didn’t know about.
The issue and why it wss stupid wasn’t that it was a hook, its that it was attributing it to any app you opened when by definition a global hook is GLOBAL - you do users no gppd by scarinh them into thinking every global hool is malware frpm whatever random thing they ran. Those alert even would trigger on windows notepad. There is no reasom amy comnination of iser options should do this.
That was piss poor design and they evenyually walked it ba k after months of defending it by implying users amd security researchers were stupid on their forum, simce deleted. Its not in the wayback machine or I’d show you. Thier “fans” dogpiled on the topic after thier staff replied condesdingly.
That could be a Comodo bug, but honestly it could just as easily be a DLL injecting itself into random executables (had a lot of those in the mid 2000s/early 2010s, especially if the program used an IE panel somewhere to render HTML). I’ve never had Comodo freak out about hooks installed by other programs during the time I’ve used it.
I looked around on the internet for more context but all I can find are plausible/accurate global hooks and end users that don’t know what a global hook is. I’m not sure why they’re seeing this, I’m guessing they put up the “security level” as high as it could go without considering what that may do.
Not a bug exavtly - they didn’t think it through. To see what I was talking about you’d need a very very old version. Like way back when it was new. It seemed the that it was the developers that didn’t know what a global hook was. They were just very obnoxious about it before finally seeing reason and correcting the behaviour. At the time, it woild fire for -every- global hook. To my knowledge you can mo longer reproduce this, but the reaction they had to someone trying to suggest this wasn’t right was enough for me to never go near anything under thier brand ever again.