Harmless (a priori ?) site blocked by Sense on MacOS and Freedome on iPhone but not iPad !!!!

FDU
FDU Posts: 57 Explorer

This wine selling site les-caves.fr/fr/ (a priori harmless and well noted by customers) is blocked by Freedome (and Sense) on both Mac and iPhone but access is allowed without any problem from IPad !!!

Such inconsistency put a strong à doubt on the security/reliability of the solution and the confidence we can put on it...

It should also be very important to explain more details about the reason of the blocking with associated risks and have the possibility to send a request for review to reconsider such status by a simple click on a button (I have also asked by email to review/reconsider the blocking of the school web site of my son without any answer/feedback for weeks now).

 

EDIT: Removed hyperlink

Comments

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Sorry for my reply. I'm also only F-Secure user (their home solutions).

     

    Just interesting to discuss what kind of information ("""It should also be very important to explain more details about the reason of the blocking with associated risks""") can be there? Based on your own feelings?

    And does it indeed can be much more useful (with common situation //not a false positive//) than current design? At least, with F-Secure SAFE for Windows-platform there are:

    -- blockpage with short 'static' generic explanation (that based on their information such page is dangerous; and recommendation do not use it).

     -- then button with "Allow page" (for your own access) and shortcut to transfer URL for re-rate it:

    https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-url

     

    Main result: harmful website is blocked.


    But, yes, if there is false-positive -- additional information is pretty useful point.

     

    And F-Secure SAS is option for re-rate it and receive such information (strange that your experience with 'such delay' - but likely situation).

    But I think that, currently, most of 'valid/safe' pages are potentially vulnerable and can be hacked or can be exploitation of certain third-modules additions/modules (or so). As result, well-known website is 'harmly bundled'. With such situation - even if there will be visible extended description for harmful/malicious rating - what user should to do? To inform website owner? Anyway, to inform F-Secure SAS about potential false positive? Or re-considerate such reason and own research about does it false positive or valid detection based on such triggers?

    In addition, I feel that Browsing Protection module (rating/repuation design) is still not so powerful how it can be. But, anyway, large scale of sources (?) will create good enough layer against indeed harmful and malicious website. But, as result, potential re-use common databases (if F-Secure do able to use it) is likely explanation for such false positive situation (OR potential false positive detections; since it can be 'stuck'-information about previous troubles with domain or certain subdomain/page).

     

    With your experience I feel two large troubles:

     

    - With F-Secure Freedome - it is not possible to "allow" certain URL on-the-fly (?!);

    - F-Secure SENSE (as potentially advanced and cool solution technology) indeed should be with something more than generic blockpage. With further information for user.

    Also, strange that URL is allowed with iPad. Maybe it is good to re-check that iPad is covered by SENSE features. With any other potential URLs (like these testpages: https://community.f-secure.com/t5/Home-Security/Safe-Browsing/m-p/88818#M3178)

     

    Thanks!

  • The website blocking is never 100% perfect with any service, just because the Internet is too big and the analysis is done by automated computing.

    If you feel that a site is blocked by False Positive, then submit that url via the F-Secure's submit url webpage and input your email information on it, so you get a reply on why it was blocked and when the block has been fixed.

  • FDU
    FDU Posts: 57 Explorer

    I don’t expect any system to be perfect and it is not my point, I just expect it to be consistent/reliable, so it is very strange/worrying that the same blocking system does not give the same answer just depending on the device in which it is running.

    And concerning false positive I already submitted few cases but never got any answer/feedback.

     

  • Enfcmedic384
    Enfcmedic384 Posts: 181 Enthusiast

    I think the issue perhaps is something that I have been privy too in the past. A person has negative personal experience with a business is one thing. The other thing probably is a confusion of correlation and causation. I mean by that an F-Secure customer or someone submits a website be blacklisted. The reason being has they visited that legitimate site. Then they experienced computer virus or other malware problems. The problem is that a supposed wine site which is legit had nothing to do with the malware infection or penetration/intrusion on that person's computer. It probably was someone confused the malware attack after visiting the legit wine site. Then the wine site is falsely blacklisted.

  • FDU
    FDU Posts: 57 Explorer

    I do agree that such blacklisting will never be perfect but it is not really my point.

    I should probably have started 2 separate threads to avoid confusion on main priorities to address.

    as mentioned above, my main point was about consistency/reliability (not accuracy) of this blacklisting (i) accross devices (same answer should be expected whether you use iPhone, iPad, android phone/tablet, Mac, Pc...) and (ii) accross f-secure solutions (Freedome app, Sense...).

    and then I had another (side) question, not so much about blacklisting accuracy, but more about (i) giving clear (even if finally wrong) background rational to assess your risk (and eventually trigger an additive feedback to improve blacklisting « accuracy » over time) and (ii) easier (one click) solution to provide feedback on such (potentially) false blacklisting.

  • Enfcmedic384
    Enfcmedic384 Posts: 181 Enthusiast

    You are correct FDU, and I agree with the point that you should have a way to invoke reputation-based trust systems. This is supposed to be coming very soon on the F-Secure SENSE Router. I hope that perhaps the acquisition of the sense router could help you in your security concerns plus issues that are facing you.

This discussion has been closed.