Troubleshooting: Issues accessing websites

[Deleted User]
[Deleted User] Posts: 0 Former F-Secure Employee
in F-Secure Sense

Browsing protection feature of SENSE protects users and devices from accessing URLs that are classified as unsafe in the F-Secure cloud.

 

Typical user visible behavior appears as follows:

  • If the request is accessed through unencrypted protocols (http) SENSE redirects the user to a block page.
  • If the connection request is made using TLS (https link), SENSE is unable to redirect the user to a block page. The address is still blocked however and appears "inaccessible". This is normal behavior.
  • In both cases, user sees an event in the SENSE app event list that an address was blocked.
  • Also the home screen of the app turns yellow. This status goes back to blue when the block events are inspected by the user.

Whitelisting through the SENSE application is being worked on and will be available as an update as soon as it is ready.

 

If you feel that a URL has been misclassified, you can report it to F-Secure through here and our analysts will take a look and fix any problems with the classifications: https://www.f-secure.com/en/web/labs_global/submit-a-sample

 

4Like Awesome

Comments

  • F6
    F6 Posts: 53 Enthusiast

    Two points about the wrong classification (http://dl2.filehippo.com for the one blocking me at this time, trying to update (again !) CCleaner)

    - you take 6 days to reply (!!!!!) case xxx and case xxx

    - and you say thaht the URL is not harmful, and whitelisted, but you block it again and again  !

     

    https://www.f-secure.com/en/web/labs_global/submit-a-sample is perfectly useless

     

     

     

    1Like Awesome
  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Sorry for my reply. Since I'm also only F-Secure user (their home solutions) and my opinion not required there; But just as my own feedback (partly); And also partly some ask (about your experience);

     

    With my experience F-Secure SAS is useful, but:

     

    --> usually it take three-four work(only) days;

    but - time to time - you able to hit with "some hours" response!

    even expected time is one-two workdays;

     

    --> with certain situations - you have to re-ask multiple times for "proper" re-rate it (based on some limitations and so);

     

    --> some URL-ratings "re-back" (with my own experience - some of such examples was resorted after multiple transferring this URLs... and long time how "false positive" do not back about them);

     

    --> time to time - F-Secure improves their "detection"-designs and fixed certain points. As result - there can be temporary increasing  "fresh" false-positives;

    Also compare to this "false positive" situations..... indeed "harmful"-rated pages  with much more count.

    Even not all of "indeed malicious" websites marked as harmful..... there anyway many malicious page got the harmful/suspicious-rating pretty speedy.

    It was my feedback; But do I able to ask you about your experience (?!):

     

    --> transferred URL was about "dl2.filehippo.com" (or direct URL for CCleaner.exe)?

    --> previous URL (?!) for 531-build was "whitelisted" (after F-Secure SAS response)?

     

    Anyway -> such blocking (under dl2.filehippo.com) not only about CCLeaner (direct downloading URLs); And maybe only such direct URLs rated as harmful (or based on something else); 

    But if previous URL for CCleaner was "re-rated" to safe-rating --> maybe there possible to re-ask about certain concern; I did this.... with fresh URL to F-Secure SAS;

     

    Also:

     

    --> does there any reasons to use "filehippo", but not their own "piriform" src-option?

    But.. when F-Secure SAS got current view/design of work; And when there introduced "Captcha".... I thought that it will be useful for response-time; But with my own experience.... there start be more delay-time with response (even response usually more interesting and powerful);  Maybe based on "more" tickets/queries; Also - with most of good meanings - they have to properly re-check each URL with ALL potential troubles under domain, page, website, resources (what if it hacked/exploited by someone; or page with tricks from first; and much more another meanings);

     

    You current experience is critical (totally)  based on points.. that in somewhat reasons SENSE do not provide whitelisting (but I not sure.. how it can be like that?!); Or "desktop"-application do not re-write it;

    Since with most of situations - while F-Secure Labs analyzing "URL" - you able to allow access to website (if there certain visible false positive);

     

    Thanks.

    Like Awesome
  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    Hi F6,

     

    Appreciate your feedback regarding the sample submission page. I have brought your feedback to the team's table so that this can be looked in detail.

    Sorry to hear about the experience.

    1Like Awesome
  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Just as feedback (or addition to my previous reply under this topic):

     

    - I got response (17.07.2017) from F-Secure Labs about filehippo (transferred direct URL for downloading CCleaner);

    Meanings: "filehippo" found to be not a harmful; and re-rated to safe;

     

    - With my own experience (today) CCleaner downloaded from dl1.filehippo and not blocked (previously it was under "dl2.filehippo" and blocked - while dl1.filehippo was rated as safe);

     

    So - I decided to place it there (as feedback; and as timeframe-point - if situation is repeated again);


    Thanks.

    Like Awesome
This discussion has been closed.

Categories