Browsing protection not neutral

F6
F6 Posts: 53 Enthusiast

Hi,

I have to disengage the browsing protection on Sense.

Accessing a P2P link sharing site (I make whatever I want with my devices), I got the message "harmful wesite" with absolutly no way to pass throug. There no bouton "Access anyway" or "put it in whitelist".

1) you don't have the right to say "this site is good" and "this site is evil, you'll never acces it"

2) and the information "this site is harmful" is perfectly false: the sentence "We have found that this site is harmful and may attempt to steal your personal information or infect the device you use for browsing" is a lie.

This site don't attack at all the computers (maby the Ads make it, but it's ad provider URL who have to be blocked

 

For information, Google is the same situation: with it I can access al the harmful content I want. Why isn't it blocked ?

 

Whitelisting is BASIC in  all content control devices.

F-Secure is supposed to be perfectly neutral: what kind of condidence can I have with their VPN products, now ? Who are yout for putting censorship: forbidden without possibilty to override ?

 

Very bad mood

Comments

  • F6
    F6 Posts: 53 Enthusiast

    Better and better ! I have reactivated browsing protection.

     

    I use Piriform CCleaner, a well-known system cleaner (the best one , for Mark Russinovitch himself).

    I try to update it: they use Filehippo as repository for their files.

     

    Filehippo is blacklisted !!!!

     

    BTW, is somemone of FS reading what is written here, or is this just a sandbox for lonely users ?

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Sorry for my reply. Just as my feedback only;

     

     

    Spoiler

    Eventually community is read by F-Secure staff (but still not known for me on which pattern it happen - since there can be speedy surprisingly response with one situation and not with another);

    But what about common situation and SENSE-board -> it should be with workdays (not sure, why there is delay); So maybe - tomorrow (?!) - and if not -> there should be available Support-channels (chat/phone) for certain situations;


    I also using CCleaner by Piriform. But probably.. I always downloaded updated-build  from their own domain/server (piriform.com) and ignore all other options. Than I bought Professional and switch to "autoupdate" (downloading by UI); So - I not sure how often there false-positive about CCleaner-update's URLs with recent days (since with UI-link-for-downloading there was always all OK), but with my own experience (and it was noted time to time under community) ---> false-detection randomly happened also for their own (!) downloads-server. Which more "strange", than false positive detection for filehippo;

    I usually used F-Secure SAS for trigger re-rate it;

     

    Since there probably "one Security Cloud" for F-Secure solutions -> I also able to trigger blocking by Browser Protection for certain filehippo-URL as downloading latest CCLeaner-build; I tried it after your reply.

    Not sure - why certain URLs for filehippo is marked as harmful-rated, but based on virustotal.com... Fortinet-company do this often. And under their Fortiguard website (?!) it also visible.

    Not sure - if F-Secure able to use this third-party database as additional source to their knowledgebase/databases about malicious/suspicious/phishing/harmful/rogue URLs...  OR if there any other common databases - where it blacklisted -> but there not visible reasons except "exploiting service by someone", "false positive" or "because CCleaner-installer with bundled Google-toolbars" (or so);

     

    With any of meanings - there should be helpful to use F-Secure SAS and transfer URL to F-Secure Labs; They will re-rate it or will explain why there is detection! With my own experience it also take about three-four workdays (for get response/action).


    BUT it will be too much strange and "worst point" - if there indeed not possible to allow page.

    Does there indeed not available to do so under something as F-Secure SENSE Portal (?! if it there available any portal/website) or by "F-Secure SENSE App" under main-device? Or even more - if there "in use" their F-Secure Sense App for Windows (which I expected that will be related with Home Solutions as F-Secure SAFE/IS) -> does there not possible to find something as "List of allow/deny websites" (?!) - which available with Home solutions?

    With F-Secure Freedome there also not possible to "allow" harmful-rated page. But Freedome VPN not designed to such meanings (probably);
    With F-Secure SENSE such design should be "mistake" - since there quite often can be false-positive detections (also when there "in use" Parental Controls, which I read that also planned for F-Secure SENSE);

    With desktop home solutions -> blockpage always with "Allow website"-button and link for F-Secure SAS as option to transfer URL for re-rate it; And as additional -> there "whitelist/blacklist for websites" as feature; Quite expected that it should be also available for F-Secure SENSE (but not sure... what will be - if you do not install desktop SENSE app; or even more.. if desktop Sense app do not contain such features!);

    Also about potential blocking for safe pages (as your example with peer-to-peer service):

    --> Quite good words that if there is detection based on advertisements -> good to block just them;

    With my own experience - usually - F-Secure trying to do certainly like that!

    But there anyway a lot of false-positives situations, which can be based on:

    --- third party common databases, which F-Secure able to use (or not) as additional source to their own database/knowledege; where "rating" can be based on many different meanings;

    --- safe website can be randomly exploited/hacked or something like that;

    --- automatic detection, which able to detect something suspicious (including two previous points as potential source of such activities) and rate it as harmful (while it should not be like that);

    So - there not always will be totally "false positive" situation, but anyway good to transfer such URL to F-Secure SAS. With my own experience there usually "re-rate" result - even if it confirmed that harmful-rated was there because detected certain and direct 'harmful'-points (as exploiting website service - if there possible to upload content/share content/store content and so);

    Also when I talk that "quite many" false positive situations - generally with another security solutions it can be much more often (with my experience);

    Quite long feedback Smiley Sad .... but if there will be still 'missing' official response from F-Secure and you will be with enough time for reading something not really useful, but only as 'discussion';

     

    Thanks!

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    Hi,

     

    Apologies for the delay in responses and we are sorry for your frustration with the product.

     

    Rest assured, whitelisting functionality is currently under development and will be available as an app update as soon as possible.

     

    In the meanwhile, if you feel that a URL has been mis-classified, you can report it to F-Secure through here and our analysts will take a look and fix any problems with the classifications: https://www.f-secure.com/en/web/labs_global/submit-a-sample

     

    Best Regards:

    Simo Punnonen / SENSE QA Lead

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Just concerned CCleaner based on this; :)

    Like one of potential points for such 'false positive' (later) ratings for certain valid software downloads-src.

    Spoiler

    What about F-Secure SENSE - if your experience was about trouble builds installed?

     

     

     

  • F6
    F6 Posts: 53 Enthusiast

    Hi, don't worry, http://filehippo.com/fr/download_ccleaner is still blocked. Smiley Happy

    No way to download the "clean" update. Smiley Mad

  • Ukko
    Ukko Posts: 3,611 Superuser

    @F6 wrote:

    Hi, don't worry, http://filehippo.com/fr/download_ccleaner is still blocked. Smiley Happy

    No way to download the "clean" update. Smiley Mad


    :) Funny, but good to say that "blocked again" (?! but I not sure about this certain URL); But under another discussion -> another direct URL from filehippo was re-rated to safe; And as quote from F-Secure Labs letter:

    Our analysis has found that the filehippo URL you submitted is not harmful. Our security products now rate it as safe.
    Mon, Jul 17, 2017 at 11:29 AM

    By the way, looks like that only localized URL is harmful-rated (and maybe just your one);

    Because it possible to use pages/URLs like:

    http://filehippo.com/download_ccleaner (and some other localized)

    But I usually do use next one(?):

    https://www.piriform.com/ccleaner/download/standard


    But based on words what I read about this story with CCleaner -> I not sure that they did/do proper investigation/fixes in fact (and not sure that they will do it);

     

    Thanks!

  • F6
    F6 Posts: 53 Enthusiast

    Hi, the direct link on the Piriform (an Avast company Smiley Wink ) site works well.

    I use the first (Filehippo) cause it's the one given by the "Find an update" link into the app.

     

    I know, I'm lazy ...

     

    But why can IOS users whitelist a website, and not Android users ? I have already explained my point of view about that (and I'm heavily unsatisfied)

     

  • Ukko
    Ukko Posts: 3,611 Superuser
    I use the first (Filehippo) cause it's the one given by the "Find an update" link into the app.

    This is valid situation (they indeed did that previously or always); But today (under one of systems) - I randomly found that they pushed else one update (with signed by fresh certs); And "Find an update"-page (?! or even page - where I managed to get URLs) was already with both options;

     

    But why can IOS users whitelist a website, and not Android users ? I have already explained my point of view about that (and I'm heavily unsatisfied)

    And about this -> I'm not sure.

    Probably it's impossible that F-Secure SENSE team do forget about such feature and that not only "Port forwarding" was required for Android SENSE application;

     

    But - does it required for global 'whitelist a website' for all devices or for Android-only?

    Because if you do use SENSE app for Windows: probably it should rewrite and give access to allowed website; Based on this topic/replies; And with Android app (supported browser?) maybe blockpage can be with option like "Do open website anyway!";

     

    But good if with workday - F-Secure staff do create some words about current state of such feature for Android app.

     

    Also possible to get more worst situations like this-> where just not possible to use SENSE and do not purchase/get fresh device;

     

    Thanks!

  • iOS development is much easier than android development.

    On iOS all these are pretty much the same for all users:

    iOS version

    Hardware

    Manufacturer

     

    Compared to android:

    Android version can vary very much

    Hardware can vary very much

    There are many manufacturers

     

    If android only had google and goolge branded phones, then the development would be as easy and fast as on ios.

    All this true about every software development on mobile devices, not just Sense app.

  • F6
    F6 Posts: 53 Enthusiast

    The problem isn't Android vs IOS developement:

    - first: Android development difficulty is a myth since the 4.0 version. The only problem should be with the managment of the display size (nothing to do with managing Sense !)

    - second: I have paid the same amount than IOS users: why my device has fewers functions than IOS users ?

    I have not seen a warning "Android has fewer functions than IOS" on the tech specs.

     

    It's only dishonest.

     

  • I don't know where you get your development information but due the fragmentation of Android ecosystem, the development needs more testing at least.

    But other than that, those are good points, but would people rather want a situation where F-Secure only releases updates when both platforms are ready?

    But as we don't know the internal stufd from F-Secure, it's hard to know if there just is lack of personel or something.

  • F6
    F6 Posts: 53 Enthusiast

    I'm not interested with the developemnt management problems of F-Secure.

    Only one fact: the second (2nd) update of Sense:

     

     
    Community Manager
    ‎17-07-2017 11:39 AM
    Re: What's new in SENSE

    A new version (1.1.2043) of SENSE for iOS client is now available in the app store.
     New change:

    • Website Whitelisting: The app will allow you to access websites that SENSE blocked

    It was 2 (two !!!) month ago: and today there's nothing for Android users.

     

    2 questions:

    - Why choosing the app-only management system, if you're unable to provide it for the major plateform ?

    - When will you synchronise the improvement on both plateforms ?

     

    If you can't answer to this: I can't use this device, I want my money back, tell me how. Or provide me an iDevice.

     

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    Hi,

     

    The website whitelisting for Android is one of the features being worked on right now in this development sprint.  We know this feature is important and we are working on getting it available. There's one planned android app update coming "soon", if it doesn't get finished in time for that, then the next update will have it.

    The apps will always be a bit out of sync as features are developed sometimes first on Android, sometimes iOS. There have been some features which Android has received first before iOS like the ability to schedule firmware updates. The reason for this is that when one platform implements something and works out all the issues, it's easier for the second platform to follow up on it.

     

    There are multiple reasons why we have chosen apps and not a local web interface for configuring SENSE. The apps make the product more accessible to 'normal users' and allow us to do use cases and richer experiences in the future that are not possible with a web interface, like secure remote management, end-point-security and notifications when you're on the go. Also not having a full-access local web-interface with (which people generally misconfigure) reduces the exploitable attack surface of the router itself quite significantly.

     

    We sincerely apologice that you have been forced to wait, and I hope the inconvenience has not been unbearable.

     

    Best Regards:

    Simo / SENSE QA Lead

  • F6
    F6 Posts: 53 Enthusiast

    Nope.

     

    Delay between the only documented feature put on Android first, then IOS: 3 weeks. And it's choosing the time to reboot when a new version is pushed. Number of use: few per year.

    Delay between the essential feature to whitelist a blocked site: more than 9 weeks, and still waiting. Number of use: several per week.

     

    Simply answer to my simple 2 question, please.

  • Any update on the eta of the whitelisting feature for android?

    It has been few months and ios has had it for quite some time.

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    We are a little bit delayed because of the WPA2 vulnerability exercise last week, apologies for that.

     

    We still have a couple of bugs to fix and verify before we can put this out, but we are targeting a beta this week still.

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    I have published a new beta version of the Android app into google play, it includes also the anticipated URL Whitelisting feature. The app version is 1.0.749.

     

    The publishing process takes some time at google end but it should become available for beta users soon. Please give it a try once it becomes available.

  • For me it's now available. Thanks!

  • Laksh
    Laksh Posts: 4,224 Former F-Secure Employee

    The Android app version 1.0.749 has been released to production now (more information here).

This discussion has been closed.