| Comodo Dragon | |
|---|---|
 | |
.png) Comodo Dragon 92, running onWindows 11 | |
| Developer | Comodo Group |
| Initial release | 2010[1] |
| Stable release | 131.0.6778.109[2]  / 23 December 2024 |
| Preview release | 131.0.6778.109[3] / 18 December 2024 |
| Engine | Blink[4] |
| Operating system | Microsoft Windows |
| Platform | IA-32,x86-64 |
| Size | 53.8MB |
| Available in | English and Spanish |
| Type | Web browser[5] |
| License | Freeware |
| Website | browser |
Comodo Dragon is afreewareweb browser. It is based onChromium and is produced byComodo Group. Sporting a similar interface toGoogle Chrome, Dragon does not implement Chrome'suser tracking and some other potentially privacy-compromising features, replacing them with its own user tracking implementations, and provides additionalsecurity measures, such as indicating the authenticity and relative strength of a website'sSecure Sockets Layer (SSL) certificate.[5][6]
Upon installation, Comodo Dragon offers the opportunity to configure either the Comodo Dragon or the user's entirecomputer to use Comodo's ownDNSservers instead of the user'sInternet service provider.[7] Comodo Dragon performs additional checks on theSSLdigital certificates of securewebsites, and informs users if a site'scertificate may be of insufficient strength. It includes an on-demand site inspector[8] designed to determine if a site hostsmalicious code.[9]
Instead ofGoogle Updater, Comodo Dragon features its own built-in updater. If Dragon isuninstalled, users are given the option of keeping Dragon'scache andcookie files or deleting them.[10]
In addition, the followingGoogle Chrome features are removed or disabled in Dragon:[11][12][13][14]
A Google engineer publicly disclosed a serioussecurity vulnerability in Comodo Dragon after Comodo failed to respond to the issue within the 90 days Google provides software vendors. The advisory warns users who install Comodo Dragon that Dragon replaces their default browser,hijacks DNS settings, and disables thesame-origin policy, which exposes users by allowing malicious websites to access private data.[17]
Comodo's first attempt topatch the issue was shown to be ineffective.[18] Comodo subsequently claimed the problems were fixed.[19]
Comodo tracks each user's time spent using the browser, its operating system, and browser inquiries aboutcertificate revocation, which reveal the sites visited. Users can opt whether they also track activity and use it in more detail than that.[20] Comodo and its partners use cookies andGoogle Analytics. "Comodo may disclose data to its affiliates and business partners who have established similar privacy standards."[21]
Their privacy statement says that only in California is theIP address considered personal information.[21] Comodo createslog files which track users, identifiable by cookie or browser features (and IP address outside California): "Comodo uses log files comprising of non-personally identifiable information to ... track movements throughout the site ... and gather broad demographic information foraggregate use."[21]
The browser is supported by ads which "relate to the content of the information as part of the Product or queries made through the Product."[20] They include many other software products, each with its own license.
The license has common terms about complying with subpoenas andinterception orders, againstreverse engineering, copying and sub-licensing, and disclaiming warranties and liability.[20]
The license also requires disputes to be settled by arbitration in New Jersey. Users must give accurate registration information, and pay Comodo's costs " that, directly or indirectly, are based on your breach of this agreement, the information provided by you, or your infringement on the rights of a third party."
Blink, since v. 28