Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by dallas7

  1. Well, that flies in the face of your online documentation, support threads here, direct contact I've had with helpdesk.emsisoft, cc.emsisoft and extensive hands-on experience. http://www.emsisoft.com/en/info/oa/Domains.shtml "The configuration in this section of the Online Armor Control Panel is also used for Banking mode." "Protected domains are allowed to be accessed in any mode." Considering some things get lost in translation, by virtue of "also" and "any" - simply stated, that means Trusted, Protected and Blocked Domains apply in ALL modes. Period. At one point in time I created several Protected rules for several verisign.com sub-domains and received "Potential DNS Problem" alerts from OAP while in Advanced mode and just surfing the Web or upon opening Thunderbird and I gave up on that scheme. In my attempts to reign in Google I discovered, in Advanced mode, blocks to 1e100.net pretty much broke Google's maps, gmail, etc. Thus, my previous observations expressed here in several threads that the left hand knows not of what the right hand is doing over there at Emsisoft have reached indisputable realization. As well as to the woefully inadequate online documentation. Example - while the Options tab is shown in the screenshot, no discussion is presented. And as of v7, what else is wrong with that screen shot?? http://support.emsisoft.com/topic/7404-domains-ignore-online-armors-domain-list/ "Ticking 'Ignore Online Armor domains list' ... configure(s) OA not to use the internal list of known Trusted domains." It should be understood within this construct my (and others) complaint, ignored as it is, is not with the Free OA but with the paid version which purports to have an ADVANCED mode where as it has been revealed here has always trusted and used an internal domain list but kept it hidden in some sort of laughable strategem. I've un-installed OAP from both my systems and replaced it with your competitor's product which by popular acclaim, editorial content and my own experience is every bit as effective as yours. Except, of course, it won't forcefully self-populate and re-self-populate as trusted the likes of youtube.com, iobit.com, doubleclick.com, etc to be trusted while online with Banks. http://support.emsisoft.com/topic/7404-domains-ignore-online-armors-domain-list/ "...the Banking Mode feature ... allows Trusted and Protected sites to connect while in Banking Mode..." See images: http://support.emsisoft.com/topic/12565-domains-in-v7/#entry89747 http://support.emsisoft.com/topic/12565-domains-in-v7/#entry89769 Because banks need to connect to breibart.com. BTW, the sales department is reneging on the refund. Something about my purchase from a partner. As if the refund shouldn't come from Emsisoft. But I don't care about the refund; keep it and don't spend it all in one place. I care that after many years, since Tall Emu's v2.5, this blatantly ludicrous "trusted" domains issue is passed off as an "improvement" and met with hubris and indifference. Adios to you and Emsisoft.
  2. dallas7, on 29 Nov 2013 - 3:17 PM, said: …not discussing banking mode. Fabian Wosar, on 29 Nov 2013 - 4:54 PM, said: …certain sites in banking mode… Oh well.
  3. I decided to hang back a bit to watch how this develops. I was motivated to return today when I found a Trusted entry for iobit.com. Iobit! Yes Fabian - this is a new development. If it wasn't a new development you wouldn't have users posting up exactly that. You keep going on about banking mode when clearly we are not discussing banking mode. All that chatter about DNS and CDN and yadda yadda contributed nothing at all. We are all trying to tell you this ONE THING: the Domains pane populates trusts all by itself. What in heavens name do you not understand?? THIS NEVER (repeat: NEVER) HAPPENED IN PREVIOUS VERSIONS whether or not "Ignore" was selected under the options tab. In all the years I've used Online Armor on a bunch of systems in various configurations, I have NEVER had domains get dumped in nilly-willy. Again: NEVER. The solution is simple: put it back the way it was or get rid of it, preferably the latter. Good gosh almighty - what the heck is it going to take? At this point in time if I do not get some kind of assurance that v7's Advanced Mode will return control of Domains to the paying customer I'll simply have to request a pro-rated refund and uninstall from my two systems. Alternatively, I would accept an offline installer for the last iteration of v6. Thank you.
  4. FYI & reiterate: Up to and including my #17 post on 10/23 I never engaged Domanins' Learn function. Quoting meself: "Do a complete uninstall/purge/re-install of OA, the very first time you see the System Status screen, immediately switch from Standard to Advanced mode. This will greatly inhibit the addition of new items. Switch back to Standard and things will start getting added again and returning to Advanced will not stop it." Just to make sure, I repeated this on 10/25 and observed the same behavior. As of that point in time with hopefully the last re-install, I've been working with OAP in Advanced and Banking modes only. (FYI: prior to v7, I had always had 12 Protected domains only in the Domains pane with Ignore enabled under the Options tab for a very long time. Nothing ever showed up by itself.) I performed a Learn for four financial sites I've been using for several years and pretty much re-created the Protected domains I had in v6. I removed everything else and have conducted business on three of the sites twice and the other once. In the screen shot, one can see that as of today a mutlitude of domains have shown up while in Banking and Advanced Modes without any interaction from me except for moneypak which I added manually. Some have no relation to the financial sites (i.e. avast, mbam). Every one of the domains I've blocked showed up after using Banking Mode. Except for v2cdn.net (Edgecast) having arrived today, working in the financial sites has not been affected by the blocks. So, in V7 I now have to: 1) Make sure I never accidentally hit Standard Mode when switching out of Banking Mode. 2) Without a History for Domains, painstakingly monitor for any new stuff showing up and determine its status for block or trust. As for 2, I had to do this just a little while ago for v2cn. There is no reason I can justify why Edgecast needs a hit while I'm banking. Same for ebay or liveperson or chat.anywhere or... well, you know. Fabian, let me ditto blues' sentiment in #16 above. Arthur, I'd rather you folks work on blowing away Banking Mode/Domains in v7.next than with Debug Logs. Spending time on the latter is futile anyhow considering Fabian's detail. You can close out Ticket ID #MIU-607-43517, too. In closing, since the Tall Emu era I haven't found anything which rises to the level of Online Armor Premium - well, OA++ actually. Not having researched anything in this arena for over a year, I now ponder instead of renewing licenses on 10/21 for two systems I should have looked for something else - an undertaking I do not relish. Having an app issue a Trust, regardless of its perceived or acclaimed innocence, without my intervention is something I relish even less, let alone paying for it. Save for the granularity of bending Firewall rules to my will, why then shouldn't I run Free in full time Standard Mode? Oh yeah, it trusts Google, You Tube and just about everything esle on the Web. Thanks again and Best Regards to all!
  5. Thanks for all the response. The Domains I presented in #11 populated without ever having done anything in Banking Mode or its Learn process and everything discussed prior to that without ever having done anything in Banking Mode or its Learn process. Every last one of them showed up all by themselves. And if a site is removed, it will show up again. In the meantime this is what I have discoverd this: Do a complete uninstall/purge/re-install of OA, the very first time you see the System Status screen, immediately switch from Standard to Advanced mode. This will greatly inhibit the addition of new items. Switch back to Standard and things will start getting added again and returning to Advanced will not stop it. I did this on Monday and as of this morning and after about 6-8 hours of accruded surfing this is what is in my Domains: Needless to say I'll never evoke Standard mode again. Which might be easier said than done. I remember having a back-and-forth with you about this a while ago. I agree with you 100% which is why I was surprised to see Banking Mode still present in v7. Banking Mode never figured into this discussion but only with what was going on in Domains. And that has always been the most confusing aspect in OA Premium: Domains in Banking Mode and Domains in not-Banking Mode. Now it's frustrating as well.
  6. And after a couple of hours of afternoon and early evening surfing...
  7. I went ahead and did the uninstall double reboot and purged the system of any OA files and registry entries. I installed v7 and to my surprise, the Domains pane was completely empty. However, the addition of URLs persists. My German is bit rusty but with the assistance of Google Translate, it seems this user has the same concern, here about bing.com: http://support.emsisoft.com/topic/12638-online-armor-7-beta-default-domains/ Not that it's any comfort, but I'm glad I'm not alone. Here's another screenshot taken after clearing all the URLs and spending about 10 minutes opening some Web sites: Unlike for zerox, bing.com hasn't shown up yet but I'm equally concerned about the likes of doubleclick and godaddy. And Breibart?! I tend to agree that paypalobjects.com doesn't need to be trusted for anything. Ditto for google. I know it's a weekend and I'm hoping to hear from Andrey as next week opens. But I'd appreciate a response to this ASAP: Thank you.
  8. Well, I'm not sure if my original question is still relevant as I thought You Tube was Emsisoft's. Now I know otherwise as there were several hundred domains in there right after I did the v6 to v7 update.. I don't even know what a default Domains would look like, Do you have anything in your Domains that doesn't look like it would anything to do with banking? It would be fairly obvious. Thanks.
  9. Good to know. But earlier I reported a comic strip (grimmy.com) and presently I have forum.palemoon.org, voicetoamerica.com and guns.com among others listed. Needless to say, I'm not wild about OA's improved banking mode, the inability to ignore specifically. While in this discussion, Christian or GT500 0r other Emsisoft support: 1) Does Domains do anything when NOT in Banking Mode? 2) Disabling Web Shield doesn't stop the behavior. What does, if any? 3) Can I get a default Domains.sav from one of you folks? In the meantime, Arthur forwarded my ticket to Andrey. Thank you.
  10. This is also an addendum to Ticket ID #MIU-607-43517 I have since come to realize this has nothing to do DIRECTLY with from the folder of .URL files or the subscriptions in my RSS reader. I can delete all the entries in the Domains pane and after just a couple of minutes of surfing, it'll just begin populating itself. Emsisoft and Malwarebytes updates will add update.emsisoft.com and data-cdn.mbamupdates.com. Later on safebrowsing-cache.google.com, nimbus.bitdefender.net (TrafficLight Extension) and eventually there'll be 100's. In the interest of simplicity, an early post-clearing screenshot:
  11. There's a serious problem here. I imported my Domains.sav of 12 portected domains I've built over time. Immediately, OA begins to add and trust domains from my RSS reader (QuiteRSS), i.e. sott.net. There are about 70 subscriptions in that reader but only a handful are added. And upon doing a Check for Updates > Signatures and Rules Only, URLs from a folder of .URL files on my D: partition, i.e. grimmy.com (a comic strip), are added and trusted. There are 1460 .URL files in that folder but only a few hundered are added. I'm opening a ticket with addtional details and supporting data.
  12. Thanks for the continued development of Online Armor. The resident update run from v6 went smoothly. And running A-OK. I see now where Domains is populated with 100's of entries along with the dozen or so I built myself over time. The Options tab is gone, and as such no longer ignorable, so can one assume all those entries were previously referred to as the "Online Armor domains list"? If some of these are deleted (Trust youtube? I think not.) will they return upon a Signatures and Rules update? Thank you!
  13. Thank you for the clarifications. Especially regarding the splitting of keys. But this still remains open: Thank you.
  14. So if you right click that Program Guard item you don't get a context menu where you can select Allow and Trust (among others)? Or is that not available in the Free version? If that's the version we're talking about here seeing how AMD didn't bother with that detail. Free? Trial or Premium - Standard or Advanced mode??? FWIW, over the years with OA (since Tall Emu), I've found the Learning Mode squares away many a perplexing perplexments. Afterwards one can check the history and tweak the rules if needed. Well, depending on Free or Premium. As well Sandboxie ain't worth the mouse clicks expended to download it. Cheers!
  15. @Emsisoft staff I've currently reached an impasse in a ticket at helpdesk dot emsisoft. I am running OAP on two systems with keys expiring on October 24 and November 5. As it's been explained, if I purchase 3-PC OAP today, I will receive one key. If I install OAP on the third system today and activate the key on the other two systems on October 24 and November 5, all three keys will expire on August 6, 2014. Can that possibly be correct?? I am also left unclear as to if I would purchase three OAP today and activated only the two current installs on October 24 and November 5, they will expire on October 24 and November 5 2014. Yes, no? Not a big deal seeing they are 11 days apart; I'd like to know nontheless. Please clarify ASAP as there is a nice deal on 3-PC buy I'd like to take advantage of if not for a third system but to renew the two later on even if both will go to October 24, 2014. (No, fellow members, don't post up asking me where the deal is. I found it with google - so can you. Cheers.) Thank you!!
  16. EEK (Nice release - good job!!) 1) In the Whitelist, under the Scanner column when an item is checked it is... Included in the scan? Excluded from the scan? 2) Are Wildcards now supported? 3) For a partition, external SATA, USB device or network share point, is a Folder Type Item (for example) N:\ a valid entry being inclusive of every file therein? 4) For 3) if not, what then? Thank you.
  17. Oh my! Was I directly quoting you and your tech writers' words? A security program that may actually lower security and may fail is... fully functional. Got it. And the other stuff... Oversimplified. Nothing new. Got it.
  18. Given the revelation in the June 10 "Online Armor Run Safer Help" topic which by the reasoning that "designed at a time where the Internet worked a lot different than it does nowadays," the Online Banking mode may work or fail... Do those reasons apply also to the domains entered as Protected in the Domains panel? (And "Ignore OA domains list" enabled.) Is it the DNS checker at the root of this "work or fail" interaction with clouds and CDNs? Thank you.
  19. OK. This is a most revealing thread indeed. While "all features are fully functional" in "Windows XP, Vista, 7 or 8…on x64 systems too" is exalted on your Web site and citing the previously quoted "RunSafer is best used on any program," here we learn that RunSafer under any account "is of incredibly limited use...and should be avoided and may actually lower...security." UAC and standard user accounts are valued instead. And Run Safer's limited user "may sound like it's the same (as standard user), it actually is not" even though the terms are used interchangeably in the docs. Not to forget, it's "kind of obsolete." Who knew? As well, Banking Mode may work or it may fail. This is one of the three "firewall with choice" modes, the ADDITIONAL BONUS. Not much of a bonus anymore. Fully understanding Windows is a ubiquitous and diverse technology spanning nearly a decade and a half, this is all quite acceptable but the disconnect between the technology, marketing and executive arms over there at Emsisoft is absolutely not. Though your honesty here is greatly appreciated. With 100% agreement that "Online Armor is quite effective" (I find it extremely effective), the feature sets and instructions currently detailed at online-armor.com/features.php, www.emsisoft.com/en/software/oa/ and www.emsisoft.com/en/info/oa/ are nonetheless in need of a critical re-write. And in help_ena.chm, too. But you know that. Thank you.
  20. "outside of Windows XP 'Run Safer' is of incredibly limited use and should be avoided" This would be in direct conflict with local and online Help which is absent of any reference to Windows versions and as well (given no UAC or as admin) "RunSafer is best used on any program that handles internet content including web browsers, email programs, instant messengers, media players, word processors and other document viewers, download managers, and more." Think maybe that needs an update? "in most cases" "may cause all kinds of issues" Most cases? May cause? That's not very specific in an arena where specificity is critical. There are either issues or there aren't. As the developer the issues should be certain, documented and available to your customers. Regardless of all that, if Run Safer works "by running user-selected programs as a Limited user when you are in an Administrator account" which, as you say may cause all kinds of issues, how is it that running the same programs while in an actual Limited user account would not present those same issues? Finally, while I fully understand the need to market to an "install-it-and-forget-it" user base, for some the additional security is always "worth the hassle." Thank you.
  21. Thanks for the reply. I did search the forum a bit but the topic named firefox 18 mp didn't jump out. Even so my original post was more contextually in the nature of RunSafer and the green border. Sorry, I did fail to mention my screen shot was of a a clean portable install (no Extensions, Themes) and Plugins (Flash, Java, Silverlight) disabled. Anyhow, my posting 3 here pretty much verifies your empirical conclusion in post 17 of PRS's topic that the issue is hardware - good call. As well the observations of the users posting there mirror mine... acceleration or border, not both. FYI: the black-out issue doesn't exist in Thunderbird 17, PDF-Xchange and few other apps I RunSafer. And I should note that while I tested with Firefox, the issues exists in my primary browser, Palemoon 64-bit. So we can most likely conclude it does also in all Geko 18 engine layouts?? Is there any chance you folks could build a toolbar button for Mozilla browsers that will indicate RunSafer? I suggest the OA systray graphic with its gold border replaced by green or red depending on the status of RunSafer. Tschüß!
  22. Thanks for the tip for testing RunSafer. I've confirmed that when only Firefox.exe is set as RunSafer, it will not be RunningSafer. Firefox-portable.exe must be set as RunSafer. The issue is when FFv19 hardware accelleration is enabled, a left click on a tool bar or the status bar results in a blacked-out pull-down. Turning off hardware accel resolves that but at a costly hit in rendering performance for the sake of the green border. The desired workaround is to disable "Show colored border on programs set to RunSafer" in order to enjoy hardware accel. The feel-good benefit of the green border is an acceptable loss. Especially considering "There are instances where the green border will fail to display." The issue occurs on my i7-3770K Z77 AMD-HD7770 desktop running Win7hpSP1x64 and Catalyst 12.10. (My i5-2430M HM65 IGP-HD3000 laptop running the same OS is OK.) Could be Catalyst 13 would fix it, but currently at 13.1 I'm reluctant to act as a test-mule for AMD. Maybe I'll give 13.4 a go later on this year. Cheers.
  23. @ Emsisoft Support only, please... In a typical portable application (i.e. Haller's popular Firefox and Thunderbird iterations) and, for this discussion, the launch of Firefox-portable.exe handles the subsequent launch of Firefox.exe. When the former is set to RunSafer, the latter then RunsSafer, of course, as evidenced by the green border. 1) If in Programs > Advanced options, Firefox.exe (and not Firefox-portable.exe) is set as RunSafer, will Firefox then, not having the green border, be RunningSafer? That is, is the green border the 100% definitive indicator that an app is RunningSafer? 2) In the scenario where Firefox.exe and Firefox-portable.exe are not configured to RunSafer in Advanced options and plugin-container.exe is configured to RunSafer in Advanced options, will plugin-container be RunningSafer? Thank you!
  24. I also go with "Automatically allow trusted programs to access the internet" and "Autoconfigure trusted programs" unchecked. As you discovered, you'll have to build a range for that application and keep adding ports until the alerts stop. You'll end up with a series of comma separate ports of widely separated vaules (i.e. 80, 443, 3220, 8080) or many in a close range which you can clean up by editing them into a range like 1172-1235. Do you have the Firewall option "Intercept loopback interface" enabled? If your popups persisit in alerting for IP for different ports then that's probably the cause of the justified popup mania. If you don't want to disable that, you'll need to build a separate rule for the application, use the range 1025-65535 and restrict the endpoint to (or .2 or .3 etc. for specialized local proxy applications). For either the app or the loopback, closer scrutiny of the alerted ports might allow fine tuning the ranges to 1025-49151 (registered ports) or 49152-65535 (ephemeral ports) instead of the whole 1025-65535. I keep the loopback intercept enabled - I don't know if exploiting the local proxy is still in wide use, but I'm not taking any chances. It's alotta work building the rules, but I have on many occasions blocked requests to open ports <1025 on while browsing in the two years I've been running OAP (and other firewalls I ran previously offering such granularity). Cheers.
  25. "Well, I've always considered that an unnecessary/redundant step when Firefox (the main process) is set to RunSafer. The reason being that the plugin-container process would inherit the 'Run Safer' setting in any case." I can interpret from your use of "in any case" you assign perfection to Online Armor. I don't assign that to anything and with about two years of up close and personal experience with OA (Free, Premium and ++) on several systems, I certainly can't assign it to OA. That's not to say OA isn't the Best In Class IMHO. As such, unnecessary is a personal judgement call. And redundant is A-OK by me as in this case it takes about 2 seconds to implement. So I will re-qualify my call "if you haven't already done so you should set plugin-container.exe to run so" to One might consider setting plugin-container.exe to Run Safer also. Enough said. I won't be revisiting this thread. Cheers.
  • Create New...