
Banking Mode & Sandboxie


Have any of you (OA techs and members) done any extensive testing when using "Banking Mode" along with Sandboxie?


I am curious about whether "Banking Mode" is fully functional when connection to the net is made via a sandboxed browser, Firefox (latest version) in this instance.


The reason I bring it up is that I know, for example, that "Web Shield" does not operate properly via a browser under the supervision of Sandboxie...but as far as I am aware, "Banking Mode" had no such issues.


This morning I logged into one particular financial (credit card) website in "Banking Mode" without using Sandboxie and got a warning from OA, "Potential DNS Problem Detected", on that site as the IPs didn't match OA's trusted info.


I've logged in to that site via the same method daily for months (at the very least) when using "Banking Mode" with Sandboxie so naturally I was quite surprised by the alert.


So, in a nutshell, do you know whether the DNS check is running successfully in "Banking Mode" if Sandboxie is employed? 

(I know that "Banking Mode" will still not allow connection with certain sites via Sandboxie if they are not on the user's or OA's list of trusted / protected sites.)


I'm now wondering if it's preferable and more secure to do all of my banking and financial connections in "Banking Mode" outside of Sandboxie.


Thanks in advance!


(Running XP Pro SP3, Sandboxie 3.76, OA Premium & EAM (latest releases) and Firefox 19.0.2)


Okay, I have found out something interesting...


There is a bank in the U.S. called "Ally".  While in "Banking Mode" outside of Sandboxie I typed in ally.com, hit enter and got the following:




I then went into "Banking Mode" under supervision of Sandboxie and entered "ally.com" and was connected to www.ally.com


When I went back to an unsandboxed "Banking Mode" browser and re-entered ally.com, the page was blocked with a message in red across the page that OA had blocked the site.



So...it seems that Banking Mode is not functioning properly (at least on the DNS level) within Sandboxie.


Now the question is, which setup is more secure against real world threats? 


Thanks for any light you can shed on this situation.


This morning I logged into one particular financial (credit card) website in "Banking Mode" without using Sandboxie and got a warning from OA, "Potential DNS Problem Detected", on that site as the IPs didn't match OA's trusted info.

This can happen when a domain name resolves to more than one IP address. Such a setup is not uncommon with banks, as they would want a redundant system to handle heavy load and issues where one or more IP addresses are not accessible.

As for combining Sandboxie with Banking Mode, I don't recall any issues being reported, and I have not personally tried it, so I cannot say if there are any issues without first doing some testing.

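The multi-address case described in the reply above, as an added example that is not part of the original thread and is not Online Armor's code: a pinned-address DNS check that separates "some answers are new" (typical of load-balanced sites) from "no answer matches" (the case worth blocking). The function name, the trust-list layout, the domain `bank.example` and all addresses (RFC 5737 documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed trust list: domain -> networks the site is known to serve from.
# Pinning networks rather than one address tolerates round-robin DNS pools.
TRUSTED = {
    "bank.example": ["192.0.2.10/32", "198.51.100.0/28"],
}


def classify(domain, resolved, trusted=TRUSTED):
    """Compare resolved addresses with the pinned networks for a domain.

    Returns (verdict, unknown_addresses):
      "unlisted" - no pinned entry exists, so there is nothing to compare
      "ok"       - every resolved address falls inside a pinned network
      "partial"  - some answers are pinned and some are not (a site that
                   added or rotated servers); warn and re-verify the list
      "mismatch" - no answer is pinned; treat as a possible DNS problem
    """
    key = domain.lower().rstrip(".")  # DNS names are case-insensitive
    nets = [ipaddress.ip_network(n) for n in trusted.get(key, [])]
    if not nets:
        return "unlisted", []
    addrs = [ipaddress.ip_address(a) for a in resolved]
    if not addrs:
        return "mismatch", []  # an empty answer cannot be vouched for
    unknown = [str(a) for a in addrs if not any(a in n for n in nets)]
    if not unknown:
        return "ok", []
    if len(unknown) < len(addrs):
        return "partial", unknown
    return "mismatch", unknown


if __name__ == "__main__":
    # Constructed resolver answers, as a stub resolver might return them.
    samples = [
        ["192.0.2.10", "198.51.100.5"],  # both inside pinned networks
        ["192.0.2.10", "203.0.113.7"],   # one new address in the pool
        ["203.0.113.7"],                 # nothing matches the pins
    ]
    for answers in samples:
        print(answers, "->", classify("bank.example", answers))
```

A check like this only means something if it sees the same resolver answers the browser actually connects with, which is the open question the thread raises about running the browser inside a sandbox.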

Arthur, my post #3 above would seem to indicate that (at least on my system) the DNS checker for OA's Banking Mode is being rendered inoperable (or bypassed) within Sandboxie.

Wouldn't you agree?

Yes, I do. ;)

Another odd thing I found during my testing of "Banking Mode" yesterday, Arthur, is that even with a brand new Firefox profile which has no bookmarks or retained history of any sort, I can connect to various (non-banking) sites that are not saved within my domains list (even with "ignore Online Armor domains list" checked under options). This is true whether used with or without Sandboxie.

Additionally, these extraneous sites (as well as banking sites) don't necessarily even have https enforced.

I'm a huge fan of OA and EAM but I have to be honest when I say that Banking Mode is in need of a serious overhaul. (And I believe that Fabian has mentioned in the past that this is in the works, thankfully.)

It seems to me that something like a dedicated banking browser within OA, in concert with a trusted DNS service and forced https, might be a way to go...with strict enforcement of connecting only with sites related to the domains listed by the user...but I'll leave that to the experts to ponder.

Thanks for letting me vent.

