ESET Staff constexpr 45 Posted January 31, 2022 ESET Staff Share Posted January 31, 2022 11 minutes ago, Bobjob said: OK strange,just tried safe banking the way ive always used it ie cross top corner, and it works, will let you know if i have anymore problems. thanks. Just to understand it well: The problem is only with MS Edge? a) When you close Secure browser, normal (unsecured) browser is still running and for every new webpage in normal browser (not closed while Secure browesr open-close), BPP redirect you to secured? OR b) You open only Secure browser (e.g. from desktop shortut), close it, open normal browser, Secured is launched instead of? If 1 and 2b is true, try to disable Startup boost (Edge > Settings > System > Startup boost) Just when you will be able to replicate it. Thanks. Link to comment Share on other sites More sharing options...
Bobjob 0 Posted January 31, 2022 Author Share Posted January 31, 2022 12 minutes ago, constexpr said: Just to understand it well: The problem is only with MS Edge? a) When you close Secure browser, normal (unsecured) browser is still running and for every new webpage in normal browser (not closed while Secure browesr open-close), BPP redirect you to secured? OR b) You open only Secure browser (e.g. from desktop shortut), close it, open normal browser, Secured is launched instead of? If 1 and 2b is true, try to disable Startup boost (Edge > Settings > System > Startup boost) Just when you will be able to replicate it. Thanks. Thanks, its 1 and 2b when i am on for example my banking site and come out of it by pressing top right hand corner twice, x one to leave my banking website,two to leave secure banking then no matter what page i bring up next it comes up as secured but at this moment in time it seems to be working normaly? Link to comment Share on other sites More sharing options...
ESET Staff constexpr 45 Posted January 31, 2022 ESET Staff Share Posted January 31, 2022 (edited) 1 hour ago, Bobjob said: Thanks, its 1 and 2b when i am on for example my banking site and come out of it by pressing top right hand corner twice, x one to leave my banking website,two to leave secure banking then no matter what page i bring up next it comes up as secured but at this moment in time it seems to be working normaly? Specific order of actions must be taken to got this bug active. I think we found it, we prepare fix for it. Edited January 31, 2022 by constexpr Link to comment Share on other sites More sharing options...
Bobjob 0 Posted January 31, 2022 Author Share Posted January 31, 2022 1 hour ago, constexpr said: Specific order of actions must be taken to got this bug active. I think we found it, we prepare fix for it. Thankyou was starting to believe it was only me!! Lol. that this was happening to. Link to comment Share on other sites More sharing options...
New_Style_xd 69 Posted January 31, 2022 Share Posted January 31, 2022 16 hours ago, Nightowl said: For privacy better to go with Firefox Thanks, I just installed it to use firefox. Link to comment Share on other sites More sharing options...
Baldrick 4 Posted February 1, 2022 Share Posted February 1, 2022 On 1/31/2022 at 10:19 AM, constexpr said: BPP is not compatible with HitmanPro Alert. See https://support.eset.com/en/kb6063-eset-banking-payment-protectioncommon-errors I don't understand, why you use icon on taskbar to come out of secure browser? And where are 2 icons? Can you please post screenshot, or detailed description? Thanks That is as it may be now but it used to be as I ran the two together with no issues until the aforementioned update at the back end of last year. So something has changed somewhere are rather than trying to fix it all we get is the lame 'not compatible' message which is the refuge of those that cannot be bothered. Until someone can prove to me that there has always been an incompatibility I will not believe it. And what is laughable is the HMP.A is actually sold as an addon to be used in conjunction with mainstream apps...and it has worked flawlessly with a number of ESET's competitors/is well regarded so it is a shame and a let down that no one can be bothered to make them co-exist. Just saying. 🤔 Baldrick Link to comment Share on other sites More sharing options...
itman 1,655 Posted February 1, 2022 Share Posted February 1, 2022 (edited) 2 hours ago, Baldrick said: Until someone can prove to me that there has always been an incompatibility I will not believe it. There were past issues with Eset's key scrambling in B&PP: Quote Build 785 (2019-08-23) Added CTF Guard under Risk Reductions, which validates CTF protocol callers. This new system-level exploit mitigation protects against abuse of the undocumented Windows CTF protocol as mentioned in CVE-2019-1162, discovered by Tavis Ormandy. More details: https://news.sophos.com/en-us/2019/08/22/blocking-attacks-against-windows-ctf-vulnerabilities/ Improved Keystroke Encryption on Windows 10 version 1903 (19H1). For example, renaming a file in a Save As dialog of a web browser should now work as expected Improved Keystroke Encryption compatibility with ESET Internet Security https://www.hitmanpro.com/en-us/whats-new/hitmanpro.alert Assumed is Eset did something in the latest releases to have this issue manifest again. As I see it, it's up to Sophos to make it compatible again. Edited February 1, 2022 by itman Baldrick 1 Link to comment Share on other sites More sharing options...
ESET Staff constexpr 45 Posted February 1, 2022 ESET Staff Share Posted February 1, 2022 (edited) 2 hours ago, Baldrick said: That is as it may be now but it used to be as I ran the two together with no issues until the aforementioned update at the back end of last year. So something has changed somewhere are rather than trying to fix it all we get is the lame 'not compatible' message which is the refuge of those that cannot be bothered. Until someone can prove to me that there has always been an incompatibility I will not believe it. And what is laughable is the HMP.A is actually sold as an addon to be used in conjunction with mainstream apps...and it has worked flawlessly with a number of ESET's competitors/is well regarded so it is a shame and a let down that no one can be bothered to make them co-exist. Just saying. 🤔 Baldrick Definitely, if it is just addon, it shouldn't be problem. I just did a quick check with the latest trial version of HitmanPro Alert. It was win32 installer, no addon. Additionaly it register and execute: kernel driver hmpalert.sys service hmpalertsvc I tested (randomly selected) browser Firefox: In normal (unsecured) Firefox, hmpalert.dll was injected to browser main process. Our website redirection mechanism was blocked. Running Secure browser from desktop shortut gives me this: When I look on https://www.hitmanpro.com/en-us/whats-new/hitmanpro.alert. they updated their product to work in conjuction with our solution (in Build 785 and 771), but both products are still evolving. AFAIK, we got first ticket with combination of EIS and HitmanPro Alert several years ago. As both HPA and Banking & Payment Protection try to do the same (protect browser against others), it's natural that our and their methods are in conflict. I don't want to go to technical details, I just want to point on fact, that incompatibility has been there earlier and it's even expected. And as they claim in FAQ: Q: Do I need to uninstall any security software before using HitmanPro.Alert? A: No. HitmanPro can be used all by itself or in conjunction with another security product. Obviously, they want to be installed as parallel guard together with another security product, so they expect to face compatibility issues. Edited February 1, 2022 by constexpr Baldrick 1 Link to comment Share on other sites More sharing options...
itman 1,655 Posted February 2, 2022 Share Posted February 2, 2022 2 hours ago, constexpr said: Running Secure browser from desktop shortut gives me this: If HMP-A was actually able to teminate ekrn.exe, then there is a problem with Eset's self-protection. Baldrick 1 Link to comment Share on other sites More sharing options...
ESET Staff constexpr 45 Posted February 2, 2022 ESET Staff Share Posted February 2, 2022 9 hours ago, itman said: If HMP-A was actually able to teminate ekrn.exe, then there is a problem with Eset's self-protection. I have disabled self-protection on my testing env. I believe it shouldn't conflict with us even if EIS is not in default configuration (not mutually exclusive configuration, just not default). Baldrick 1 Link to comment Share on other sites More sharing options...
Baldrick 4 Posted February 5, 2022 Share Posted February 5, 2022 On 2/1/2022 at 9:55 PM, constexpr said: Definitely, if it is just addon, it shouldn't be problem. I just did a quick check with the latest trial version of HitmanPro Alert. It was win32 installer, no addon. Additionaly it register and execute: kernel driver hmpalert.sys service hmpalertsvc I tested (randomly selected) browser Firefox: In normal (unsecured) Firefox, hmpalert.dll was injected to browser main process. Our website redirection mechanism was blocked. Running Secure browser from desktop shortut gives me this: When I look on https://www.hitmanpro.com/en-us/whats-new/hitmanpro.alert. they updated their product to work in conjuction with our solution (in Build 785 and 771), but both products are still evolving. AFAIK, we got first ticket with combination of EIS and HitmanPro Alert several years ago. As both HPA and Banking & Payment Protection try to do the same (protect browser against others), it's natural that our and their methods are in conflict. I don't want to go to technical details, I just want to point on fact, that incompatibility has been there earlier and it's even expected. And as they claim in FAQ: Q: Do I need to uninstall any security software before using HitmanPro.Alert? A: No. HitmanPro can be used all by itself or in conjunction with another security product. Obviously, they want to be installed as parallel guard together with another security product, so they expect to face compatibility issues. Thank constexpr...for putting me right on a point or two, and for elaborating on the conjunction of the two applications. 👍 I think that would explain what I have been seeing, i.e., used to work/now it does not, etc. Interestingly enough, checking again late this last week I find that Secure Banking is now working again WITH HMP.A running, but now the issue is the Key Scrambling when typing in the browser protected by Secure Banking with HMP.A key scrambling also activated. Again, I know for a fact that I have had both enabled in the past with no adverse effect...but based on what you have kindly advised...this is an area that can change easily either way. So my solution, if I decide to continue with my HMP.A subscription, will be to disable the HMP.A key scrambler functionality, as ESET is the principal security layer, with HMP.A the secondary. Thanks again for the advice provided. Regards, Baldrick Link to comment Share on other sites More sharing options...
Baldrick 4 Posted February 14, 2022 Share Posted February 14, 2022 Hi All Just to advise that further to also logging this issue with SurfRight I have heard back from them as follows: "Technician (Support) Feb 1, 2022, 14:43 GMT+1 Hi, We have identified the issue and are going to fix this on our end, could you please update the ESET ticket also that we'll take mitigating measures for compatibility. Kind Regards, Rick HitmanPro Tech Support" So good news for all HMP.A/|ESET users...I will see if they update me with a release date/version for the fix their side...and if so will post back here with the information. Regards, Baldrick Link to comment Share on other sites More sharing options...
ESET Staff constexpr 45 Posted February 14, 2022 ESET Staff Share Posted February 14, 2022 36 minutes ago, Baldrick said: Hi All Just to advise that further to also logging this issue with SurfRight I have heard back from them as follows: "Technician (Support) Feb 1, 2022, 14:43 GMT+1 Hi, We have identified the issue and are going to fix this on our end, could you please update the ESET ticket also that we'll take mitigating measures for compatibility. Kind Regards, Rick HitmanPro Tech Support" So good news for all HMP.A/|ESET users...I will see if they update me with a release date/version for the fix their side...and if so will post back here with the information. Regards, Baldrick Thanks for info, I'll wait for your update. Baldrick 1 Link to comment Share on other sites More sharing options...
Recommended Posts