Shouldn't safe online be protecting me?

[overangry]

This site was designed to show how the new IE9 protects users from a web based attack.

https://ie.microsoft.com/testdrive/b.../woodgrove.htm

Now I didn't want to test my browser, I wanted to test SOL (HTTPS)and it failed.
I was using IE8, and allowed mixed content after receiving a warning from IE8.

Win7 64Bit Prevx v3.0.5.217

[Triple Helix]

Very interesting!

TH

[tobacco]

Big Time Fail - Yuck

[firzen771]

strange, even keyscrambler fails it

[PrevxHelp]

At the moment, this type of attack is very browser-specific and outside the scope of SafeOnline. Stopping this function within the browser inadvertently will cause several major browser features to break so unfortunately this will likely be exclusively up to the browser manufacturers (and Microsoft appears to be doing so with IE9).

SafeOnline could potentially handle cases like this but it would likely cause far more complaints than actual benefits whereas it is able to circumvent any malware running on the PC from affecting the browser.

There have been no real attacks which use this technique but if there is one, we will be adding blacklisting for the domains affected.

Let me know if you have any questions!

[Boyfriend]

I passed the test in IE 8, but failed in Firefox. Both are protected by Prevx SafeOnline. Is it man-in-the-middle attack?

[overangry]

Quote:

Originally Posted by PrevxHelp

There have been no real attacks which use this technique but if there is one, we will be adding blacklisting for the domains affected.

Thanks for your reply, just out of curiosity if an attack was to take place how would it happen? What I mean is would it be a drive by attack or what attack methods would or could be used for one to become infected.
Just one more quick question, I uninstalled IE9 because SOL doesn't support beta browsers,
using SOL, is IE9 safer than IE8?

[BoerenkoolMetWorst]

Some more info:
https://ie.microsoft.com/testdrive/b.../mixedcontent/

At least most Wilders visitors and other people with computer knowledge would notice an attack like this, as Firefox doesn't show the green or blue icon from a secure HTTPS page as not everything is in HTTPS.

A lot of banking sites I know, also ask the user to check if there is a lock icon, blue/green icon or whatever the user's browser shows on a secure HTTPS connection.

The secure version of the Hotmail login page had this for quite a while, as one picture was loaded in HTTP, however you can use AdBlock Plus to select all HTTP content and block it so you will have a confirmed secure connection.

It would be nice though if Firefox could incorporate this like IE9.

[Fad]

NoScript initially appeared to prevent it - but certainly failed when MS was allowed.

How on earth would we even know this was happening for real ?

[Kernelwars]

even keyscrambler pro failed it.. I am about to turn off the internet and go to sleep

[Konata Izumi]

IE8 showed this
you pass if you click yes
you failed if you click no

[Kernelwars]

avast was very silent too

[trjam]

Quote:

Originally Posted by Kernelwars

avast was very silent too

doesnt matter, IE 9 did what it was suppose to for me. Going to be a very good browser.

[CloneRanger]

Not good

See here for other apps etc also failing - http://www.wilderssecurity.com/showt...98#post1773998

Quote:

Originally Posted by PrevxHelp

At the moment, this type of attack is very browser-specific and outside the scope of SafeOnline.

I don't see why, as i expect PSOL, at least, to protect ALL such attacks ! That's it's MO surely ?

Quote:

There have been no real attacks which use this technique

Not yet maybe, but we Don't want to wait to find out, thanks

Quote:

but if there is one, we will be adding blacklisting for the domains affected.

Too late by then !

[Kernelwars]

Quote:
Originally Posted by Kernelwars
avast was very silent too

doesnt matter, IE 9 did what it was suppose to for me. Going to be a very good browser.
__________________

indeed I hope so.. it will be really scary opening up any page and have to use login information knowing I am not protected by the products I pay for or trust.

[trjam]

IE 9 in action

[Kernelwars]

Quote:

Originally Posted by PrevxHelp

At the moment, this type of attack is very browser-specific and outside the scope of SafeOnline. Stopping this function within the browser inadvertently will cause several major browser features to break so unfortunately this will likely be exclusively up to the browser manufacturers (and Microsoft appears to be doing so with IE9).

SafeOnline could potentially handle cases like this but it would likely cause far more complaints than actual benefits whereas it is able to circumvent any malware running on the PC from affecting the browser.

There have been no real attacks which use this technique but if there is one, we will be adding blacklisting for the domains affected.

Let me know if you have any questions!

Correct me if I am wrong but I thought Safeonline("Protects your private information when shopping, banking and social networking online.")

is browser specific? I thought its suppose to help protect users when browsing..

[BoerenkoolMetWorst]

You can set Firefox to warn for HTTPS sites showing HTTP content, but you cannot set it to load only the HTTPS content. To let it show a warning go to about:config and set security.warn_viewing_mixed to True.

[kasperking]

Quote:

Originally Posted by Kernelwars

Correct me if I am wrong but I thought Safeonline("Protects your private information when shopping, banking and social networking online.")

is browser specific? I thought its suppose to help protect users when browsing..

well we believe what we are told ....atleast now i would keep the mixed content setting in IE8 disabled

[SUPERIOR]

there are other online tests http://ie.microsoft.com/testdrive/vi...s/default.html

i got the red skull and crossbones in Google Chrome ..... didtnt block but at least it warns

i was just wondering what if this link was just set up to fit IE9 ..i mean like advertising ...all other products supposed to fail only IE9 pass !!!

[Konata Izumi]

this made me think HTTP is soooooooooo very unsecure...
can someone explain me why most websites use HTTP instead of HTTPS?

[trjam]

Most web addresses begin with "HTTP," which is an acronym for "Hyper Text Transfer Protocol." It's the protocol used to allow you to communicate with web sites.

"HTTPS" stands for "Hyper Text Transfer Protocol Secure." It means that information exchanged between you and a web site is encrypted and cannot be hijacked by someone who might want to electronically eavesdrop when you type a credit card number, a password, a social security number, or any other person information.

[moontan]

IE9 blocked the "dangerous" content.

PrevxHelp:

Quote:

There have been no real attacks which use this technique but if there is one, we will be adding blacklisting for the domains affected.

protection has to come from behavior analysis or heuristic.
signature based protection is not worth much, IMO

[PrevxHelp]

Quote:

Originally Posted by Kernelwars

Correct me if I am wrong but I thought Safeonline("Protects your private information when shopping, banking and social networking online.")

is browser specific? I thought its suppose to help protect users when browsing..

The reason why SafeOnline and all other security products fail this test is because it is virtually impossible to pass from an application outside of the browser without potentially breaking substantial amounts of browser functionality. By far the best approach here is to disable mixed content.

[1000db]

Disable javascript.