Tsimmes

Banking Mode Not Functioning Properly.

Recommended Posts

I have set up banking mode by visiting my bank websites and going through the learn process with each. Unfortunately my expectation that only websites that I've protected or trusted would be accessible is not being met. When in banking mode I'm am able to go to all manner of websites that I haven't chosen including some suspicious ones. When I check OA's website module I find dozens and dozens of websites that I didn't put there and that I certainly don't approve of. When in banking mode I want my computer to ONLY go to the sites that I have chosen and placed as trusted or protected in the websites module. This is not happening. I have seen other posts where people are having similar problems. Banking mode is NOT secure and this should either be investigated by Emsisoft or the option be disabled until it's fixed. I'm using OA Premium 4.5.1.431. Please advise.

Share this post


Link to post
Share on other sites

Are the sites you are able to go to that you think you shouldn't be able to go to, appearing as Trusted in Websites? Or do they appear as Unknown?

That's the maddening thing...they all appear as trusted and reappear no matter how often I delete them! Additionally, OA allows me to go to websites that do not appear in OA's Web Sites. In essence banking mode is like normal mode and I can browse to any website even if it's not in OA's Web Sites. Surely that's not how it's supposed to work. Thanks for your reply catprincess.

Share this post


Link to post
Share on other sites

If you're running an AV that uses a local proxy, and if you have excluded this AV in OA, then this will happen simply because the traffic is passing through the AV's proxy and this proxy excluded from OA. I am not sure if your setup matches this situation or not though.

Trusted sites can be added automatically for a few reasons. Sites that resolve to the IP of an existing Trusted entry in the Websites list (or on Online Armor's built-in Trusted list) are added as Trusted automatically. Sites that resolve to the IP of your DNS server may also be added as Trusted.

Share this post


Link to post
Share on other sites

If you're running an AV that uses a local proxy, and if you have excluded this AV in OA, then this will happen simply because the traffic is passing through the AV's proxy and this proxy excluded from OA. I am not sure if your setup matches this situation or not though.

Trusted sites can be added automatically for a few reasons. Sites that resolve to the IP of an existing Trusted entry in the Websites list (or on Online Armor's built-in Trusted list) are added as Trusted automatically. Sites that resolve to the IP of your DNS server may also be added as Trusted.

I connect to the Internet through my ISP (Shaw Cable). My AV is Avast and I've needed to exclude Avast in OA and OA in Avast. Does a proxy server come into play here? I'm a little confused. It appears that every website I visit (and some that I haven't visited) gets added to OA's Web Sites list.

Share this post


Link to post
Share on other sites

My AV is Avast and I've needed to exclude Avast in OA and OA in Avast. Does a proxy server come into play here?

Avast! filters Internet content operating as a proxy server. Web applications such as your browsers are automatically configured to connect to Avast! in order to connect to the Internet. Those connections are created using the Loopback Interface.

You might also want to intercept those connections, please see "Intercept Loopback interface" from the OA Web Help (this option is enabled by default): http://www.online-armor.com/webhelp3/Options.html#firewall

Regards,

N.

Share this post


Link to post
Share on other sites

Does a proxy server come into play here? I'm a little confused.

As Nick explained :), yes, Avast uses a local proxy. Unfortunately, this does mean that if you exclude Avast in OA, you'll be able to access any site while in Banking mode. Exclusions means that everything for that program is excluded and in the case where that program is filtering your web traffic, this is excluded also.

Share this post


Link to post
Share on other sites

Exclusions means that everything for that program is excluded and in the case where that program is filtering your web traffic, this is excluded also.

Even tough the web traffic is excluded due to the exclusion of the "filtering program", it doesn't mean that if you are browsing the internet and accidentally get some malware file through your browser, OA will allow it to run on your system without alerting you. Am I wrong, Catprincess?

Share this post


Link to post
Share on other sites

Even tough the web traffic is excluded due to the exclusion of the "filtering program", it doesn't mean that if you are browsing the internet and accidentally get some malware file through your browser, OA will allow it to run on your system without alerting you. Am I wrong, Catprincess?

No you aren't wrong :) Only unknown programs that are executed from within the excluded directory are able to do so without OA asking you. An unknown file that executes from your temporary internet files (say a drive by download type thing) would be most definitely result in OA issuing a popup. The same goes for any other location that isn't excluded.

Share this post


Link to post
Share on other sites

No you aren't wrong :) Only unknown programs that are executed from within the excluded directory are able to do so without OA asking you. An unknown file that executes from your temporary internet files (say a drive by download type thing) would be most definitely result in OA issuing a popup. The same goes for any other location that isn't excluded.

Thanks so much, Catprincess

[OT] - @Catprincess, I'm almost sure that a couple of days ago I accidentally added and removed you as a friend while randomly clicking buttons on the forum and messing up my account... I'm sorry for that : D

Share this post


Link to post
Share on other sites

No you aren't wrong :) Only unknown programs that are executed from within the excluded directory are able to do so without OA asking you. An unknown file that executes from your temporary internet files (say a drive by download type thing) would be most definitely result in OA issuing a popup. The same goes for any other location that isn't excluded.

It would appear that the solution to the problem would be to no longer exclude Avast in OA. Unfortunately the reason I excluded Avast was that my computer locked up after the last Avast update to version 5.1.889 and wouldn't boot to the desktop. Quite a few OA users had the same problem and the advice on the Avast Forums was to exclude Avast in OA, not only the program files but also in the File System Shield, Behaviour Shield and the Web Shield. Is my browsing less safe as a result or can I infer from the quote above that it's only banking mode that isn't working properly but that I'm otherwise protected with OA Premium. I can always boot from my Ubuntu Live Disk to do my banking although I did like banking mode when it was working properly. What would you advise?

Share this post


Link to post
Share on other sites

Is my browsing less safe as a result or can I infer from the quote above that it's only banking mode that isn't working properly but that I'm otherwise protected with OA Premium. I can always boot from my Ubuntu Live Disk to do my banking although I did like banking mode when it was working properly. What would you advise?

Considering the explanation given by Catprincess, we can infer that apart from the banking mode not properly working, you have the full protection provided by OA Premium.

Perhaps, if you like to use the banking mode, you might temporary disable Avast! from the tray icon only for that specific session...

Share this post


Link to post
Share on other sites

Thanks so much, Catprincess

[OT] - @Catprincess, I'm almost sure that a couple of days ago I accidentally added and removed you as a friend while randomly clicking buttons on the forum and messing up my account... I'm sorry for that : D

You're welcome, and no worries about the button clicking ;)

Share this post


Link to post
Share on other sites

It would appear that the solution to the problem would be to no longer exclude Avast in OA. Unfortunately the reason I excluded Avast was that my computer locked up after the last Avast update to version 5.1.889 and wouldn't boot to the desktop. Quite a few OA users had the same problem and the advice on the Avast Forums was to exclude Avast in OA, not only the program files but also in the File System Shield, Behaviour Shield and the Web Shield. Is my browsing less safe as a result or can I infer from the quote above that it's only banking mode that isn't working properly but that I'm otherwise protected with OA Premium. I can always boot from my Ubuntu Live Disk to do my banking although I did like banking mode when it was working properly. What would you advise?

It's only Banking mode that is affected (and only one part of Banking mode). The DNS protection used for Banking mode is unaffected - that ensures that you are not being redirected to phishing websites designed to look like your banking website and capture your login information. It's only the sites you are able to visit while in Banking mode that will be affected by excluding an AV with a local proxy. If you are doing shopping, banking etc on sites with a secure https connection, this shouldn't be a huge problem anyway as the information being sent is sent securely to that particular site :)

Share this post


Link to post
Share on other sites

It's only Banking mode that is affected (and only one part of Banking mode). The DNS protection used for Banking mode is unaffected - that ensures that you are not being redirected to phishing websites designed to look like your banking website and capture your login information. It's only the sites you are able to visit while in Banking mode that will be affected by excluding an AV with a local proxy. If you are doing shopping, banking etc on sites with a secure https connection, this shouldn't be a huge problem anyway as the information being sent is sent securely to that particular site :)

Thank you catprincess and Nick for the information and help. Much appreciated.

Share this post


Link to post
Share on other sites

You're welcome, Tsimmes :)

Solved - thought I would add a further note in case anyone else encounters this problem. The simple solution was to remove the Avast exclusion from OA whilst leaving the OA exclusion in Avast. Banking mode is now working perfectly, no unwanted sites are being added to the Web Sites list and the computer boots without any issues. Thanks again for helping me work through this.

Share this post


Link to post
Share on other sites

Thank you catprincess and Nick for the information and help. Much appreciated.

Nick and Catprincess, thanks for the explanation of something, which never ocurred to me that should work like you described. As such, it is a pretty big hole in the OA protection and should be either warned against in capitals or corrected immediately. Banking mode was such a great concept at the beginning, unfortunately TE never completed it into a great tool. And I doubt Emsisoft ever will.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.