Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: trose27 on May 24, 2013, 01:12:54 AM
-
When I try to do internet banking is safezone it has recently...since about 2 months ago when it worked fine...tells me my browser is out of date and need to upgrade to access USbank internet banking.
How do I upgrade the safezone browser?
-
The safezone browser can only be updated by avast, it is a customised version of the chromium browser (not google chrome).
I don't know how they are determining that it is out of date as it isn't a standard browser, so I don't know what they are comparing it against, or simply that it isn't one of the main browser names.
-
The browser informs on itself in the GET message, and it does indeed identify itself as (at least) chrome-based, and goes on to provide the version which does correspond to the version displayed in the SafeZone Browser "About" information 17.0.963.81 (Developer Build 127271 Windows)
GET /webhp?sourceid=chrome-instant&ix=seb&ie=UTF-8&ion=1 HTTP/1.1
Host: www.google.com
Connection: keep-alive
X-Purpose: instant
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.81 Safari/535.11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=70e9666e6d444a4f:U=1d19aefb35cc2790:FF=0:LD=en:TM=1346892717:LM=1368819930:S=r-h5v7eDsunauFgf; NID=67=Ihm6W-sI-5LAkE0YhmrX21u31vSg3QaPzEeaVPQp0BO_hiy_KKM6IZy23S5VRWM-4ZUU3VXGdXgGheLvBYyqfBOmUwXleEf1W55NV8itDKo6gsqJrGoAzzAhmQn6EIOJTufhKdS505oh19SDgT8
In addition to the quoted security bulletin, I would add that the point of a SafeZone Browser for sensitive transactions will be of limited functionality when the browser is unsupported.
In my case it is QuickBooks Online.
They support two major versions back, only. Anything older and they throw an error telling you to upgrade. This is to alleviate support calls they cannot control.
So beyond security, I would submit that there is also a use/business case for updating the browser more aggressively.
Thanks
-
The safezone browser can only be updated by avast, it is a customised version of the chromium browser (not google chrome).
I don't know how they are determining that it is out of date as it isn't a standard browser, so I don't know what they are comparing it against, or simply that it isn't one of the main browser names.
I'm getting the same upgrade message from my bank as well, it clearly thinks I am using an older version of Chrome, which of course safe zone is. The problem is that in the unlikely event that the banking transaction is hacked whilst using safezone, I would be left liable for using an old version of chrome, as far as the bank is concerned and for ignoring their warning. This makes safezone quite useless in such situations.
Similarly my other bank requires the use of FF 10+ or IE8+
It would be better if Avast safezone could put a safezone around my choice(s) of browser, similar to how Comodo, Webroot and Kaspersky do it. F-Secure also has a different approach. Any improvements like this in the pipeline?
In the meantime I may need to use IE or FF in a sandbox, but this may not be sufficient.
-
The whole point of the safe zone is it is operating completely isolated from your normal desktop. Plus having only one browser available in the safe zone saves a massive amount of work to include a browser of choice as the safezone browser is heavily restricted when compared the a sandboxed browser.
There is nothing to stop you using either Firefox or IE sandboxed in the avast sandbox. I don't know how the others work in that regard (I'm an avast user not employee), as far as I'm aware the others are sandboxing and not using the same functioning as the avast safe zone.
-
The whole point of the safe zone is it is operating completely isolated from your normal desktop. Plus having only one browser available in the safe zone saves a massive amount of work to include a browser of choice as the safezone browser is heavily restricted when compared the a sandboxed browser.
There is nothing to stop you using either Firefox or IE sandboxed in the avast sandbox. I don't know how the others work in that regard (I'm an avast user not employee), as far as I'm aware the others are sandboxing and not using the same functioning as the avast safe zone.
To be 100% clear, if I choose to run iexplore.exe as a virtualised process, is that exactly the same as choosing the function for Avast to run IE browser in a sandbox, or are their some differences?
Update - if I run IE as a sandboxed browser there is no colour border, unlike when I run iexplore.exe as a virtual process. So it appears the two ways of running browsers are not identical, neither in terms of security protection?
-
That would rather depend on what virtualising software you are using, generally all it would be doing is protecting the live system. I don't know if that in itself would still mean any browser vulnerabilities or weaknesses could still be exploited.
I don't use IE, or I try not to use it if I can help it so I'm not really familiar with it, other than you have IE8 (if you have XP that is the last IE version), which isn't as secure as IE9 or IE10, if you have win 7.
I think that there were some topics on the avast! Free/Pro/Suite relating to a missing border in the avast sandbox. They may be relating to older versions of avast rather than the current version 8.0.1489.