Jump to content


Photo

Banking mode


  • Please log in to reply
13 replies to this topic

#1 Mars

Mars

    Member

  • Members
  • PipPip
  • 16 posts
  • OS:Windows 7 x64
  • AV:Online Armor
  • HIPS:Online Armor

Posted 11 March 2012 - 05:41 AM

Hi,

I have recentky noticed (and it also seems like others as well.. see post.. http://support.emsis...de-not-working/) that banking mode does not work like the way I thought it would.. It allows "trusted" domains (ie microsoft, emisoft etc) to be accessible when in banking mode. I would like it if I was able to choose what site was allowed in this mode. I believe banking mode should only allow the specified bank sites that I want accessible. Otherwise it shouldn't be called banking mode. It is rather misleading because microsoft is not a bank and its allowed. Online banking is an important part of todays' internet and we need to feel secure when we access our bank sites and that nothing malicious or otherwise is happening in the background.

#2 Fabian Wosar

Fabian Wosar

    Forum Veteran

  • Emsisoft Employee
  • 3225 posts
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware

Posted 11 March 2012 - 09:38 PM

There are reasons why those pages are whitelisted. By disabling access to Microsoft for example, we would also disable SmartScreen in Internet Explorer. Essentially we would hurt your security by blocking Internet Explorer from accessing the reputation data Microsoft collects to detect phishing and malware sites. The same is true for Emsisoft domains. By disabling access to them, there is no way for Online Armor to access the secure DNS server required to detect DNS poisoning or to access the Emsisoft Anti-Malware Network to request reputation data about running programs. The list of trusted domains is relatively small and each and every single entry inside the list is necessary to allow your operating system, your browser and ultimately Online Armor to function properly even with banking mode enabled.
Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#3 mundial

mundial

    Member

  • Members
  • PipPip
  • 18 posts

Posted 12 March 2012 - 07:05 PM

Sorry for gatecrashing here. Fabian, is it possible for you to give out the list, so we know at least which domains can be accessed in banking mode?

#4 Fabian Wosar

Fabian Wosar

    Forum Veteran

  • Emsisoft Employee
  • 3225 posts
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware

Posted 12 March 2012 - 07:42 PM

Sure, the following domains are currently on the hardcoded whitelist in the current developer version:
  • *.sun.com (updates)
  • *.microsoft.com (Smart Screen, updates)
  • *.windowsupdate.com (updates)
  • *.online-armor.com (EAMN, licensing, updates, secure DNS)
  • *.emsisoft.com (EAMN, licensing, updates)
  • *.ikarus.at (updates)
You can find the reason why they are whitelisted in the parentheses.
Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#5 Mars

Mars

    Member

  • Members
  • PipPip
  • 16 posts
  • OS:Windows 7 x64
  • AV:Online Armor
  • HIPS:Online Armor

Posted 15 March 2012 - 08:21 AM

Thank you Fabian for your response. Forgive me if I sound naive, I just want to clarify some thing. when you say microsoft.com is allowed, does that include bing and all microsof domains or just the ones that are important for keeping the operating system functioning properly?

#6 catprincess

catprincess

    Forum Veteran

  • Global Moderator
  • 1244 posts
  • LocationAustralia

Posted 16 March 2012 - 10:01 PM

Thank you Fabian for your response. Forgive me if I sound naive, I just want to clarify some thing. when you say microsoft.com is allowed, does that include bing and all microsof domains or just the ones that are important for keeping the operating system functioning properly?

*.microsoft.com means that a domain like windowsupdate.microsoft.com is accessible in Banking Mode. The asterisk (*) is a wildcard that means "any string", so in the example I used "windowsupdate" is the string that the wildcard replaces. Bing is not accessible in Banking Mode - there is no "bing.microsoft.com". Bing's domain is just "bing.com" and that is not on the list of hardcoded domains that Fabian posted.

#7 mundial

mundial

    Member

  • Members
  • PipPip
  • 18 posts

Posted 17 March 2012 - 06:37 AM

Sure, the following domains are currently on the hardcoded whitelist in the current developer version: ...


Thanks a lot Fabian. I am sure that this will put to rest all queries about permissible connections during banking mode. My suggestion to you is to kindly put it in the OA documentation at your convenience so that we can immediately see the list while reading about banking mode.Thanks again

#8 KathyJ

KathyJ

    Member

  • Members
  • PipPip
  • 23 posts

Posted 04 July 2012 - 09:13 PM

Sure, the following domains are currently on the hardcoded whitelist in the current developer version:

  • *.sun.com (updates)
  • *.microsoft.com (Smart Screen, updates)
  • *.windowsupdate.com (updates)
  • *.online-armor.com (EAMN, licensing, updates, secure DNS)
  • *.emsisoft.com (EAMN, licensing, updates)
  • *.ikarus.at (updates)
You can find the reason why they are whitelisted in the parentheses.


Why can't these domains be disabled while we're in Banking Mode? We can get updates, etc. later when we're not doing our banking. Now if we staying in Banking Mode all the time, I could understand but no one keeps it in banking mode 24/7. Mine used to work as others has mentioned. I was never allowed to access any web site except for the bank of my choice in my settings while it was in Banking Mode. This feature, the way it USED to work, is why I have kept renewing over the years but now, why bother.

#9 catprincess

catprincess

    Forum Veteran

  • Global Moderator
  • 1244 posts
  • LocationAustralia

Posted 17 July 2012 - 04:52 PM

The most recent posts by KathyJ have been split to a separate thread in Customer Support here http://support.emsis...h-banking-mode/ as they involve a problem with the program rather than being feedback related.

#10 krw

krw

    Member

  • Members
  • PipPip
  • 12 posts
  • OS:Windows 7 x64
  • AV:EAM
  • HIPS:Online Armor
  • Other:Malwarebytes

Posted 16 April 2013 - 11:11 AM

Sorry Fabian I have to disagree. Tell me what the whitelisted domains have to do with MSN.com? MSN has nothing to do with Windows update, or Microsoft update yet, I can reach that website in Banking Mode. Furthermore, I do not see the need to update Windows or Emsisoft products when in Banking Mode. Banking Mode use usually isn't for long periods of time, so why whitelist any websites for use in that mode. In my opinion, it defeats the purpose of Banking Mode according to your description of what Banking Mode actually does from a security standpoint which, I copied from the help file and attached to this post. I personally no longer trust Banking Mode and will reconsider the use of this product because of this.

 

K Waterman

 

 



#11 Fabian Wosar

Fabian Wosar

    Forum Veteran

  • Emsisoft Employee
  • 3225 posts
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware

Posted 16 April 2013 - 11:44 AM

Furthermore, I do not see the need to update Windows or Emsisoft products when in Banking Mode. Banking Mode use usually isn't for long periods of time, so why whitelist any websites for use in that mode.

Secure DNS which is part of the banking mode implementation is performed as a web service on our servers. So during banking mode Online Armor has to be able to access our servers for banking mode to work properly. Some banks use Java as part of their online banking system, so proper connectivity to the Sun servers may be required to work properly there as well.

 

The reason why you are able to access msn.com is due to the shift that occurred in the internet landscape in the past couple of years. Websites are rarely hosted on a single server anymore, but instead pull information from CDNs and clouds which are shared by thousands of different sites. Browsers changed a lot as well, who now active try to improve loading speeds of your most visited websites by autonomously preloading them in the background by just starting the browser. This happens quite a lot during the initial learning phase of the banking mode as well, allowing pages you have set up as your start page or in your browser's favorites by accident.

 

Unfortunately one of the previous design decisions for Online Armor was to hide a lot of the complexity that is going on in the background when learning a new site for banking mode to avoid overwhelming the user. So the current list hides all domains that were pulled into the allowed list during learning mode when you learned one of the trusted sites. We will make all entries visible in the domain list with one of the next Online Armor updates to give you more control and allow you to remove sites from the allowed list that were pulled in by accident.

 

Even with that change though, you may still be able to access sites you didn't specifically allow, just because your bank may pull in data from systems hosted in the cloud, automatically allowing all sites hosted in the same cloud to be accessed as well. There is no real solution for that and one of the reasons we consider replacing banking mode entirely in one of the next versions.


Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#12 krw

krw

    Member

  • Members
  • PipPip
  • 12 posts
  • OS:Windows 7 x64
  • AV:EAM
  • HIPS:Online Armor
  • Other:Malwarebytes

Posted 16 April 2013 - 03:55 PM

"The reason why you are able to access msn.com is due to the shift that occurred in the internet landscape in the past couple of years".

 

This issue just started with the installation of IE 10. In fact, running the program on a Windows 7 64-bit system unpatched with IE 9 does not allow any connection, to any websites, other than my trusted domain list. Therefore, again, I have to disagree with your explanation as to why websites not on the trusted domain list are suddenly reachable in Banking Mode.

For Banking Mode to function any other way renders the feature useless and dangerous.

 

Sincerely

 

K Waterman



#13 Fabian Wosar

Fabian Wosar

    Forum Veteran

  • Emsisoft Employee
  • 3225 posts
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware

Posted 16 April 2013 - 04:21 PM

Therefore, again, I have to disagree with your explanation as to why websites not on the trusted domain list are suddenly reachable in Banking Mode.

Actually those websites are on your trusted domain list. You just can't see them there because they were learned when you initially trained the system and therefore don't show up in the list. As I already mentioned, we will change the list to display all allowed sites no matter whether they were allowed explicitly or implicitly.


Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#14 paultim

paultim

    New Member

  • Members
  • Pip
  • 1 posts
  • OS:Windows XP
  • AV:avast
  • HIPS:avast
  • Other:avast

Posted 13 August 2013 - 01:12 PM

Dear does that include bing and all microsof domains or just the ones that are important for keeping the operating system functioning properly? 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users