there is release date of version 16?

[itman 1,659]

I really don't understand the complaints about the "green frame." It's so inconspicuous using Firefox that I really have to look hard to see that its there. The only obvious thing is the "X" and Eset Icon display on right side border of the browser window which is no big deal.

Perhaps "dark mode" which I don't use makes the border more obvious.

Edited October 25, 2022 by itman

[cofer123 14]

Another annoyance: using remote desktop, this always shows on the remote browser unless I disable secure browser.

[Marcos 5,071]

7 minutes ago, cofer123 said:

Another annoyance: using remote desktop, this always shows on the remote browser unless I disable secure browser.

This has always been displayed if you were connected via RDP and the secure browser was running.

[SeriousHoax 83]

So people now also can't run their browser in Sandboxie I guess because ESET itself is making the browser run sandboxed all the time. I don't know if it's really a good idea to run browsers 24x7 is a sandbox by the AV. Improvement in security maybe, but could break things in future browser updates. Browser vendors already don't like security software meddling with their browser.

https://www.wilderssecurity.com/threads/eis-update-do-not-allow-ff-to-run-sandboxed.448495/

[itman 1,659]

23 minutes ago, SeriousHoax said:

So people now also can't run their browser in Sandboxie I guess because ESET itself is making the browser run sandboxed all the time.

As I see it, B&PP is not a sandbox.

B&PP is just a browser lock down mode that prevents the browser from external malware injection. Since the default for secured browser is to allow all extensions, that is how the browser will be compromised with possible system infection.

[Trooper 65]

2 hours ago, SeriousHoax said:

I already see many users complaining about the green frame. It needs to go completely when the user disables the "Browser's green frame" option.

 

I agree.  I do not care for it either.

[blaxxz 1]

Secure all browsers mode

I don't understand this option.

• That's just banking protection, isn't it?
• So why does it have to be on all the time?
• Do I have any advantages if this is always on?
• What happens in the background with the browser when the mode is on?

[Marcos 5,071]

7 hours ago, blaxxz said:

• That's just banking protection, isn't it

Correct, the secure browser is utilized by Banking and payment protection for safe browsing and payment

 

7 hours ago, blaxxz said:

• So why does it have to be on all the time?

An alternative to this was redirection to a secure browser which is unreliable and requires regular maintenance when a new version of a supported browser is released.

7 hours ago, blaxxz said:

• Do I have any advantages if this is always on?

Independence on browser updates, no gaps between the release and module update.

7 hours ago, blaxxz said:

• What happens in the background with the browser when the mode is on?

The secure browser provides anti-keylogger protection by scrambling keystrokes, browser's memory is protected, and loading of untrusted dlls is prevented.

[blaxxz 1]

Quote

There is no additional security on non-banking sites?

All sites are protected, it just doesn't make sense to scramble keystrokes on a website that doesn't ask you for sensitive information for instance.

Quote

Will browser updates still work?

Yes.

Quote

Will browser extensions keep updating?

Yes.

Quote

Are password managers, for example, additionally secured with it?

I would say it depends. E.g. if you copy information from a password manager to clipboard, the secure browser does not protect the clipboard which is a system thing used outside browsers as well.

Quote

Untrusted dlls are maintained by Eset?

Yes and no. For instance, it's enough for a dll to be signed by a trusted authority, e.g. Microsoft in order to be considered trusted.

[blaxxz 1]

It took me a while to realize that you simply replied directly in post. ^^

• In short, it is safer and more convenient for the user when the mode is on?
• Does the browser then run in a sandbox?
• What bothers me a bit in version 16 is that the ESET window always opens in the background. For example, when performing a scan, the ESET window always opens in the background. That was different with version 15 and I liked it better that way. Can this be changed or reintroduced with the next update?
• Is it not possible to display the license term again under "ESET Home"?

[SeriousHoax 83]

14 hours ago, itman said:

As I see it, B&PP is not a sandbox.

B&PP is just a browser lock down mode that prevents the browser from external malware injection. Since the default for secured browser is to allow all extensions, that is how the browser will be compromised with possible system infection.

Is it kind of a semi-sanbox? Working set in Process Hacker/Process Explorer for ESET process now includes the amount of memory consumed by ESET+opened browser, since the browser memory is being contained by ESET.

Is there any documentation of this new mode, explaining how it works?

[Marcos 5,071]

6 minutes ago, SeriousHoax said:

Is there any documentation of this new mode, explaining how it works?

The "Secure all browsers" mode has been there since v15.0, ie. for one year already:

It uses the existing browser as a secure one without creating a new copy of the default browser for redirection.

[itman 1,659]

5 hours ago, SeriousHoax said:

Working set in Process Hacker/Process Explorer for ESET process now includes the amount of memory consumed by ESET+opened browser, since the browser memory is being contained by ESET.

Not on my ESSP v16 installation. WS size is around 135K which in no way would include FireFox memory usage.

[blaxxz 1]

Additional Question

• The mode also has no influence on the installation from the browser?
• No changes are made to the browser itself?

 

[Marcos 5,071]

5 hours ago, blaxxz said:

• The mode also has no influence on the installation from the browser?

Correct. Files downloaded from the Internet will be scanned the same way they as when downloaded in a standard browser without Banking and payment protection.

5 hours ago, blaxxz said:

• No changes are made to the browser itself?

Yes, BPP doesn't make any changes to the browser.

[blaxxz 1]

@Marcos

Can you please take a look on these Questions?

 

Edited October 27, 2022 by blaxxz

[Marcos 5,071]

The secure browser is not running sandboxed but the advanced memory protection ensures that other applications cannot read browser's memory. It also prevents untrusted dlls from being loaded in the browser and provides anti-keylogger protection by scrambling keystrokes.

[blaxxz 1]

Thank you @Marcos

 

• What bothers me a bit in version 16 is that the ESET window always opens in the background. For example, when performing a scan, the ESET window always opens in the background. That was different with version 15 and I liked it better that way. Can this be changed or reintroduced with the next update?
• Is it not possible to display the license term again under "ESET Home"?

[Marcos 5,071]

4 minutes ago, blaxxz said:

• What bothers me a bit in version 16 is that the ESET window always opens in the background. For example, when performing a scan, the ESET window always opens in the background. That was different with version 15 and I liked it better that way. Can this be changed or reintroduced with the next update?

I didn't notice any difference between v15 and v16 when running a scan. Please create a new topic for this and enclose a screenshot for clarification.

4 minutes ago, blaxxz said:

• Is it not possible to display the license term again under "ESET Home"?

EULA is a part of the product installers. It can be displayed during or after installation. I don't think there are any plans to have a hyperlink to EULAs of particular products in the ESET HOME portal.

[blaxxz 1]

10 minutes ago, Marcos said:

EULA is a part of the product installers. It can be displayed during or after installation. I don't think there are any plans to have a hyperlink to EULAs of particular products in the ESET HOME portal.

I mean this information.

 

[Marcos 5,071]

6 minutes ago, blaxxz said:

I mean this information.

 

This information is already in the ESET HOME license manager:

[czesetfan 29]

On 10/25/2022 at 2:08 PM, Marcos said:

How other users would know if they can securely enter sensitive login information in the browser if they wouldn't know if a secure browser is running?

"Secure all browsers" will be used in the future and the current redirection system will be abandoned since it requires a lot of maintenance and adapting to new browsers is not immediate.

And will the Banking and payment protection button work?
That is, I browse the web without the "green box" and when I want to visit a bank, I press the Banking and payment protection icon and browse with the additional protection.

[itman 1,659]

Who's great idea was it to show log file entries in a burnt orange color in ver. 16?

Please give "my tired old eyes" a break and show the text in black; or white when in dark mode. Also, please use a font where the characters are bolder.

Edited October 27, 2022 by itman

[Marcos 5,071]

20 hours ago, itman said:

Who's great idea was it to show log file entries in a burnt orange color in ver. 16?

I don't see a big difference in colors between v15 and 16, if any:

Of course, nothing is carved in stone and we are open to constructive feedback since we want to tailor our products to suit your needs. As of v16, you can also increase or decrease the font size by holding Ctrl and scrolling the mouse wheel.

[itman 1,659]

4 hours ago, Marcos said:

I don't see a big difference in colors between v15 and 16,

The following logs; Detection, HIPS, Network, and Filtered web sites show all entries with the burnt orange color on a white background.

Now in the Event log, only problem entries show in the burnt orange color which I don't have an issue with.

If Eset is going to use a color for highlighting, it should be consistent in that regard across all logs.