Blocked site

Skindeep
Skindeep Posts: 16 Observer

I am trying to access a political parties website but try as I may it's blocked and will not let me in even though I click "Allow Website.  The party is a recognised, legal and responsible body with representatives in the UK and EU parliaments plus local UK town and county councils.  F-Secure have no right to block.  I expect F-Secure to protect me from harmful web sites but not censor reputable organisations.  I am having to turn off F-Secure to deal with my business , leaving my computer wide open to abuse.  I have already brought this to the parties attention and can only think someone has given F-Secure malicious information to do the party harm and they have acted without checking the facts.

Comments

  • Ukko
    Ukko Posts: 3,770 Superuser

    Hello,

     

    Sorry for my reply.

     

    --> Does it blocked as harmful-rated website? Or any other restriction words?

    --> Did you try to restart system (or manually add website to "List of allowed/denied websites" or so called "Allowed&Blocked sites" under F-Secure Main UI)? Does it work after?

    --> If second point is not work: Do you able to provide information from your F-Secure installation about Updates. Tray-picture rightclick -> under tray-menu "Common Settings" -> Updates-tab; Does there listed any Strings like "Common Component Framework num.num.num"? Possible to trigger button "Check updates" and see if any fresh updates available?

     

    Thanks!

     

    // also it should be possible to use F-Secure SAS:

    https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-url

    And F-Secure Labs able to verify rating and re-rate it (if false-positive).

    Since -> this is should not be 'censorship' until information is not replaced to another one OR hidden by F-Secure; Also 'by design' should be possible to 'overwrite' their decision (by user decision).

     

    Good to know (also) more information about system (OS), browsers... if any suggestions is not work. Also (possible) to provide 'trouble' URL (with private letter - if you do not want to publish it) - I able to re-check with my own experience.

     

    // as general words: if any well-known or large companie's website will be hacked/exploiting by someone -> I able to suspect that security companies should to provide protection against it (as prevention/alert about it). Since such companie's websites did not provide protection. But, of course, quite often will be false-positive based on something else than real threat. With your own situation can be both meanings. Since you noted that is well-known thing and should be with enough staff for proper setup their website. BUT it also means that their competitors (or any others) want to deface them (for example, because they do not able to create something more interesting).

     

    Thanks! 

  • Skindeep
    Skindeep Posts: 16 Observer

    Thank you for your reply.  It's flaging up "Harmful web site blocked - This web site has been reported as harmful.  We recommend that you do not visit the web site" .  Goes on to ask me if I want to exclude this "application" from future scans.  It looks like javascript \scoped_dir8504_29655\CRX_INSTALL\js\background.js  So it could be one of three things, the script has been maliciously dropped in the website, the script is part of F-Secure and/or someone has maliciously reported the site as being harmful when it is no such thing.   I will try the options you suggest and see what happens.

  • Ukko
    Ukko Posts: 3,770 Superuser

    What about harmful-rating: it can be false positive indeed (or maybe not; or maybe was reasonable before... but not currently). And with such situation good to contact F-Secure Labs (as usage of F-Secure SAS). And possible to re-check web about potential 'known' information about reasons for this (or if investigation by website's owners). Usually -> there should not be totally false positive about harmful-rating (except that 'connection' with harmful things too much strange or mistake).

     

    BUT what about 'broken' Allow-website: recently was 'bug' (?) with F-Secure installation about such point. With my own experience: situation is fixed (or reverted to proper state) after all available updates (on current day). ALSO possible that Allow-button is broken temporary (before restart) OR by browser's restriction about some functionality (with such situation should be possible manually allow domain under related List). So, by design, should be possible to overwrite this decision to your own (with Administrator-rights).

     

    Thanks!

     

    Goes on to ask me if I want to exclude this "application" from future scans.  It looks like javascript \scoped_dir8504_29655\CRX_INSTALL\js\background.js  

    Does it related with accessing to website(?) or it's additional detection by F-Secure? Or when such 'ask' is visible? Based on 'path' - something about Chrome extension? But it can be part of 'F-Secure' blockpage itself. So.. not clear who ask about exclude. 

     

  • Skindeep
    Skindeep Posts: 16 Observer

    Thanks again.  I've reported the problem using the link you provided and will await F-Secure's response, in the meantime I will access the site via one of my other devices that doesn't use F-Secure.

  • Hi Skindeep,

     

    I have also highlighted about your post to our labs team. They should be working further on your report and provide more information.

     

    If you suspect any false positive in the future, please submit the sample to our labs for analysis.

This discussion has been closed.
Feedback on New Design