We hope FS add one option when we need to choose-

Dear FS Team
I'm very luck to use your beta production named of FS Protection,
but I have a question when I used it,please open FS Protection and click DeepGuard setting,
On the right side, we have 4 options to choose,now we choosed 3(ask me whether to connect to the Internet),
 
when I opened one software,such as CCleaner,FS will ask me whether to allow the program connected to the Internet,
if I clicked "I trust this program,please continue", the program will connect to the Internet and run;
if I clicked "I don't trust this program,please stop it forever", the program will not be able to run,
 
but I want to this program run and not connect to the Internet,now FS can't meet my request, could you help me to solve this question?
We hope FS  add one option when we need to  choose----- only stop program connect to the Internet but the program will run,
 
looking forward to your reply,thanks!
 
Best Wishes!
Antony

Best Answer

Comments

  • SimonSimon Posts: 2,643 Superuser
    I'm not sure that an option such as you suggest would actually help in this situation, as it would be the program itself which decides if it will run without being connected to the internet. F-Secure would only prevent internet access in this case - it wouldn't block the program from running.
  • NikKNikK Posts: 935 Rock Star

    I made a feature request for this about a year ago, but still no feedback from F-Secure Smiley Sad

    Here's a picture of what I wanted:

    Deepguard new.png

     

    http://community.f-secure.com/t5/Feature-Requests/Improve-Deepguard-security-for/idi-p/36795

    antony
  • SimonSimon Posts: 2,643 Superuser
    But FS isn't blocking the application, is it? It's only blocking the internet connection. So, if the application is programed not to run without an internet connection, this option wouldn't help, would it?
  • antonyantony Posts: 9

    yes,wonderful picture,

    You understand my opinion!Smiley Tongue

  • antonyantony Posts: 9
    In some cases,maybe we only need run the program and
    did not want the program use network.
  • NikKNikK Posts: 935 Rock Star

    Hi Simon,

     

    It's blocking the application until you allow it. And when you allow it it means you also allow its connections. You have no other option if you want to continue using the application and that's the problem.

    Programs make connections to "phone home", check for updates, log things etc, and even worse if it's a bad program, but most programs still run fine even without a connection.

     

    However, programs that require a connection would probably not run or work properly, for example programs like online scanners.

     

    I started using a product called WFC by BiniSoft to have full control of my Windows Firewall outbound connections, partly because of this problem with DeepGuard. But it's something I only recommend to advanced users. An easier option is using Sandboxie and restrict what programs are allowed to connect to the Internet from within Sandboxie. CCleaner is not suitable to run inside a sandbox, but many other programs are.

  • NikKNikK Posts: 935 Rock Star

    Antony,

     

    I don't know if they've changed DeepGuard in Beta as I don't use Beta. But I've never seen DeepGuard ask me about CCleaner as that's a known and trusted program. ATM I'm using the latest CCleaner version v4.18.4844 (26 Sep 2014) and I get pop-ups from Windows Firewall about connections, but not from DeepGuard.

  • antonyantony Posts: 9

    .

  • antonyantony Posts: 9

    Hi NikK

    Here is my picture,I am not sure whether you can understand Chinese language.Smiley TongueSmiley TongueSmiley Tongue

     20140927171456.jpg

     

    20140927171915.jpg

  • NikKNikK Posts: 935 Rock Star

    I don't understand Chinese but I understand the pictures :)  We want the same thing.

     

    See my previous post and verify if you have a legitimate CCleaner version. I found it strange that DeepGuard asked about CCleaner.

  • UkkoUkko Posts: 3,180 Superuser

    DeepGuard will be ask about CCLeaner (and asked it before) with some of next points:

     

    -> During installation about languages files (as trying to get/re-get it during installation).

    But probably it's should be dropped already.... as detected-reason.

     

    -> During first launch with checking for updates (by new version of CCLeaner - which can be new.. after latest version, which known for DeepGuard as trusted application).

     

    If you don't want to see this Prompt by DeepGuard.......... probably during installation you able to configure CCleaner as "unmarked feature for automaticlaly checking updates" (and some other).

     

    Also.. if you do not trust for application, which potentially can to goes work with network connection - probably here better... does not use it. Because - it's can be with network traffic.. which will be not prevented by any security features. Here I mean - current "feature"-point good.. as "allow application, but prevent network connection" - but basically.. it's can be just workaround... and application will be work with broken design. If here "malicious" reason for network connectio - good that it's blocked totally..

     

    Anyway - current situation with CCLeaner can be prevented by "uncheck/unmark" feature "automatically check for updates" by CCleaner.

    Or one time allowing - which will be as "remembered trusted for system" (not likely).

     

    But your screenshot with Prompt.. have "pcmaster.exe" name.. which maybe not really related with original version of CCleaner?

     

    Sorry for long reply without good information.

  • antonyantony Posts: 9

    You are so modest,thanks for your reply.

    Maybe I confused you,

    Actually, CClean is my example,not only CClean need us to choose but also others, 

     

    I has  trusted  the CClean otherwise it doesn't work,so you can't see the picture now,

    the picture shows PCMASTER.EXE not CClean,this is another application,I know the application is safe and connect to the Internet maybe order  to checking for updates,but I still want to let it run without  network  situations.

    Ukko
This discussion has been closed.