Important info for OA Premium banking mode users

Discussion in 'other firewalls' started by avboy, Mar 17, 2012.

Thread Status:
Not open for further replies.
  1. avboy

    avboy Registered Member

    Joined:
    Feb 11, 2008
    Posts:
    165
    In case you are not aware, OA Premium in banking mode allows connections to certain other web sites than your specified domains. So when you are connected to your bank, your browser can still open connections to Microsoft, Sun etc.
    Details here:
    http://support.emsisoft.com/topic/7576-banking-mode/page__view__findpost__p__46193

    So if you want a complete locked down browser except only one connection to your bank or shopping site, you have to stop the ones above through a Hosts file or other software.

    Hope this is useful and has not been posted before.

    Thanks

    Edit: The above list is hard coded in OA Premium and cannot be overridden in OA banking mode.
     
    Last edited: Mar 17, 2012
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    from my point i can NOT suggest that complete locking.
    if one of trusted websites need some update concerning certificate i can
    not be checked due that locking - connection will be refused - no banking.

    the information is a bit late, nevertheless i wont have any issue with it.
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That's true. Then, either you trust the certificate or you don't... or -and I love this this or :D- one can use a dedicated Chromium browser profile just for accessing the bank account.

    Chromium now uses its own internal certificates revocation list; eventually it will hit Google Chrome stable channel. Most likely it's also present in Google Chrome canary and dev channels.

    This way, one gets to fully block connections, except to the bank's IPs. And, the browser still checks certificates revocation, but using its own internal database.

    You do need to allow Safe Browsing to connect to the Internet. So, my suggestion would be to have a Chromium profile that will be used only for getting the Safe Browsing data, and then place it on the Bank's profile folder. Or, allow an initial connection to Safe Browsing, and then only to the bank's IPs.
     
Thread Status:
Not open for further replies.