Jump to content

Online Armor Run Safer Help.


Recommended Posts

Hello,

I have been using Emsisoft for almost a year now and absolutely love it. I am trying to learn more out the software so I can use it to its full potential. When creating rules I for new software I have noticed the "Run Safer" option. Which to my understand will run the program more securely. I was doing some reading around and saw that more advanced users set their web browsers and plugins to Run Safer. I am using Google Chrome. I have set Chrome.exe to Run Safer. When I was reading around about Run Safer I saw threads where people using Firefox are setting not only Firefox to Run Safer but Firefox's plugin container too. I have disabled Google Chromes built in flash player because I was having problems with that version of flash. It looks like Chrome uses beta versions of flash player in their latest builds because when I went to Adobes website the latest version there was not the same. Anyways, after installing flash I thought I would now see flashplayer.exe under programs in Online Armor so I could set it to Run Safer. However, there is no rules for flash player at all except FlashPlayerUpdateService.exe. There is also no rule for Java. I can't even find a rule for Internet Explorer to set it to Run Safer. I am using Windows 8 x64. Could someone let me know what I could try? Also, should I even worry about settings these programs up to Run Safer or should I use it more for programs I am worried about?

 

Thanks,

Rocky

Link to comment
Share on other sites

I have disabled Google Chromes built in flash player because I was having problems with that version of flash. It looks like Chrome uses beta versions of flash player in their latest builds because when I went to Adobes website the latest version there was not the same. Anyways, after installing flash I thought I would now see flashplayer.exe under programs in Online Armor so I could set it to Run Safer. However, there is no rules for flash player at all except FlashPlayerUpdateService.exe. There is also no rule for Java. I can't even find a rule for Internet Explorer to set it to Run Safer. I am using Windows 8 x64. Could someone let me know what I could try? Also, should I even worry about settings these programs up to Run Safer or should I use it more for programs I am worried about?

Run Safer is only relevant if you are using an Administrator account without UAC. Unless you changed your Windows settings manually, this isn't the case for Windows 8. In addition, Flash, Chrome, and Internet Explorer already implement their own version of "Run Safer" in form of a sandbox. Stacking "Run Safer" on top of those sandboxes may cause all kinds of issues and may actually lower the security provided as it may prevent the product's own sandbox from working properly.

 

Bottom line, outside of Windows XP "Run Safer" is of incredibly limited use and should be avoided as in most cases the additional security isn't worth the hassle.

  • Upvote 1
Link to comment
Share on other sites

@ Fabian Wosar

 

I am using Windows 8 x64 with and admin account with UAC off. I am using Emsisoft Online Armor, Anti-Malware, and KeyScrambler. I guess I am just trying to make sure I am well protected because I have noticed someone is attempting to hack into my back account. I have been getting e-mails that someone keeps trying to guess my security questions. I have contacted the bank but I have not got a response from them yet. When I go to my banks website should I put Online Armor in banking mode at least? Is there anything you can think of that I can possible do to make myself a little more secure?

 

Thank you,

Rocky

Link to comment
Share on other sites

"outside of Windows XP 'Run Safer' is of incredibly limited use and should be avoided"

This would be in direct conflict with local and online Help which is absent of any reference to Windows versions and as well (given no UAC or as admin) "RunSafer is best used on any program that handles internet content including web browsers, email programs, instant messengers, media players, word processors and other document viewers, download managers, and more."

Think maybe that needs an update?

"in most cases"
"may cause all kinds of issues"
Most cases?  May cause?  That's not very specific in an arena where specificity is critical.  There are either issues or there aren't.  As the developer the issues should be certain, documented and available to your customers.

Regardless of all that, if Run Safer works "by running user-selected programs as a Limited user when you are in an Administrator account" which, as you say may cause all kinds of issues, how is it that running the same programs while in an actual Limited user account would not present those same issues?

Finally, while I fully understand the need to market to an "install-it-and-forget-it" user base, for some the additional security is always "worth the hassle." happy.png

Thank you.

Link to comment
Share on other sites

Most cases?  May cause?  That's not very specific in an arena where specificity is critical.  There are either issues or there aren't.  As the developer the issues should be certain, documented and available to your customers.

There are no definitives. It mostly depends on how the target application reacts to circumstances it wasn't tested with. We don't know every application out there, therefore we can't test every application with "Run Safer" and therefore we can't tell you what exactly will break. There are two major categories of issues that tend to creep up most though:
  • Applications not handling the additional indicators added by Run Safer properly, resulting in rendering errors. This is especially true for hardware accelerated UIs (Firefox on Windows 7/8 comes to mind).
  • Applications requiring certain optional rights that get disabled with Run Safer. Best case scenario: They throw an error and just exit. Worst and unfortunately the most common case, they don't notice they were unable to acquire certain rights and just continue as nothing had happened, failing sometime later or operating in a manner that is potentially insecure.
Bottom line is, running internet applications with a limited user in general is a good idea. Since Vista this is already the default though and is exactly what UAC is all about, which makes Run Safer kind of obsolete on systems newer than Vista.
Link to comment
Share on other sites

I am using Windows 8 x64 with and admin account with UAC off.

Turn it on. Especially if you are using Internet Explorer.

I guess I am just trying to make sure I am well protected because I have noticed someone is attempting to hack into my back account. I have been getting e-mails that someone keeps trying to guess my security questions. I have contacted the bank but I have not got a response from them yet.

If your system was actually compromised, attackers wouldn't have to guess your bank credentials. More likely is they got a hold of your email address and potentially one of your passwords (crawler, hacked forum, simply bought it off someone, etc.) and now try if they get lucky. That is the way user accounts get hacked nowadays in most cases.

When I go to my banks website should I put Online Armor in banking mode at least? Is there anything you can think of that I can possible do to make myself a little more secure?

Enable UAC. Stay away from Firefox or Opera, use Chrome or Internet Explorer (only on Vista and later and only if you turned on UAC) instead. Uninstall Java. If you need Java for one of your desktop applications, at least disable the Java plugin in your browser. Keep in mind that Java has nothing to do with JavaScript. So uninstalling Java will not prevent you from using websites that use JavaScript, which is pretty much every website right now.

Banking Mode may work for you. But it was designed at a time where the Internet worked a lot different than it does nowadays. So it may fail, especially if your bank uses cloud computing and CDNs (which many do unfortunately). That being said, even without Banking Mode Online Armor is quite effective at keeping banking malware and password stealers out of your system.

Link to comment
Share on other sites

@ Fabian Wosar

May be a minority but still there are who log in as admin and continue to use internet and may be use the guest log in for gaming. I think  the assurance of a "Run Safer " by a recognised Software vendor does matter  for whatever it is worth. Also UAC is renowned for its very nagging prompts and have been discouraged at many a fora (for example a recognised/safe auto backup software which runs at the start will not run unless UAC is totally disabled in Win 7) , if the user believes he has a security product which takes care of the basic security of the system (why have all?). Run Safer is one of the Hallmarks of OA , and hopefully it gets its due share ...

 

In your reply to Dallas , point 1 is experienced by Firefox users. But as to point 2 , would that mean those applications will not run in the Guest mode as well , because those priveleges will be denied by Windows anyway?

Link to comment
Share on other sites

In your reply to Dallas , point 1 is experienced by Firefox users. But as to point 2 , would that mean those applications will not run in the Guest mode as well , because those priveleges will be denied by Windows anyway?

No. It doesn't. Running an application using a guest or standard user, will actually run the application as those specific users. Run Safer on the other hand will run the application using the currently logged on user (Administrator) with all permissions and access rights stripped. While it may sound like it's the same, it actually is not.
Link to comment
Share on other sites

OK.  This is a most revealing thread indeed.

While "all features are fully functional" in "Windows XP, Vista, 7 or 8…on x64 systems too" is exalted on your Web site and citing the previously quoted "RunSafer is best used on any program," here we learn that RunSafer under any account "is of incredibly limited use...and should be avoided and may actually lower...security."  UAC and standard user accounts are valued instead.  And Run Safer's limited user "may sound like it's the same (as standard user), it actually is not" even though the terms are used interchangeably in the docs.   Not to forget, it's "kind of obsolete."  Who knew?

As well, Banking Mode may work or it may fail.  This is one of the three "firewall with choice" modes, the ADDITIONAL BONUS.  Not much of a bonus anymore.

Fully understanding Windows is a ubiquitous and diverse technology spanning nearly a decade and a half, this is all quite acceptable but the disconnect between the technology, marketing and executive arms over there at Emsisoft is absolutely not.  Though your honesty here is greatly appreciated.  

With 100% agreement that "Online Armor is quite effective" (I find it extremely effective), the feature sets and instructions currently detailed at online-armor.com/features.php, www.emsisoft.com/en/software/oa/ and www.emsisoft.com/en/info/oa/ are nonetheless in need of a critical re-write.  And in help_ena.chm, too.  But you know that.

Thank you.

Link to comment
Share on other sites

While "all features are fully functional" in "Windows XP, Vista, 7 or 8…on x64 systems too" is exalted on your Web site and citing the previously quoted "RunSafer is best used on any program," here we learn that RunSafer under any account "is of incredibly limited use...and should be avoided and may actually lower...security."

Run Safer is fully functional on Windows XP, Vista, 7 and 8, both x86 and x64. So what exactly are you trying to suggest?

And Run Safer's limited user "may sound like it's the same (as standard user), it actually is not" even though the terms are used interchangeably in the docs.

It is nothing new that technical aspects are oversimplified in manuals for the sake of keeping it on a level that average users can understand.

As well, Banking Mode may work or it may fail.  This is one of the three "firewall with choice" modes, the ADDITIONAL BONUS.  Not much of a bonus anymore.

And your point is what? A feature became less important due to technical advances or changed circumstances. Nothing new really. Pretty sure plenty of AVs still advertise macro virus protection modules for Office although there hasn't been a major macro virus outbreaks in years. Doesn't make it less of a feature.
Link to comment
Share on other sites

Oh my!  Was I directly quoting you and your tech writers' words?

A security program that may actually lower security and may fail is... fully functional.  Got it.

And the other stuff... Oversimplified.  Nothing new.  Got it.

Link to comment
Share on other sites

A security program that may actually lower security and may fail is... fully functional.  Got it.

The security program doesn't fail. The application being run safer may fail, due to the limitations you impose. This is the case with every HIPS out there. Remove access to a resource the application needs to work and it will break. Remove access to a resource an application needs for their own protection mechanisms and you disable those protection mechanisms, potentially lowering its level of security.
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...