New 1Password browser authentication and ESET NOD32

Comments

  • pepperwhiteknight
    pepperwhiteknight
    Community Member

    According to the NOD32 logs/quarantine no blocking of 1Password has taken place.
    I will submit a complaint to ESET for you if you respond with what to say to ESET.
    @AlexHoffmann If you are going to post BS please sit this one out.

    And remember before you assign blame to everyone else you have to troubleshoot because This was not an issue until I updated 1Password.

    The annoying tab does not open when Ghostery is disabled.
    With Ghostery enabled, it looks like there is a delay triggering the annoying tab.
    Will Agliebits try to replicate my findings?
    What do I say to Ghostery? (Not necessary if Agilebits is able to replicate my findings.)
    Anyone else using Ghostery?
    If you need more information about my system please ask.

    Thank you for your time.

  • @pepperwhiteknight I'm sorry if I offended you with what I wrote. We understand how frustrating these situations can be and from experience the issues are usually caused by anti-malware software that's doing its job too well.

    What I neglected to say in my last post is that we've actually reached out to ESET to find a solution for this. They got back to us a short while after you posted your last response.

    From what they told us it might be an unlucky coincidence of 1Password receiving a major update with enhanced security for the communication between the 1Password browser extension and 1Password and an update that was rolled out in ESET NOD32 Antivirus 9.0.375.0: ESET now has the ability to perform protocol filtering and will attempt to scan encrypted connections.

    According to ESET this has been rolled out a short while ago but not everybody gets updates at the same time and while this feature has theoretically existed for a while in ESET software, it has only started to get activated very recently.

    We're still investigating this but from what we can tell connection failures caused by these features are silent and thus hard to discover.

    Our contact at ESET recommends that you try to set SSL/TLS filtering to "interactive" to check if it is indeed blocking the connection between 1Password and its browser extension. Please refer to the ESET article "Secured websites do not load with ESET installed".
    If that doesn't work, you can try to exclude either the 1Password.exe or the localhost IP address 127.0.0.1 from protocol filtering. The ESET knowledge base article "How do I manage Protocol/SSL/TLS filtering in ESET Smart Security? (9.x)" will help you with that.

    Apart from that, I think that the fact that disabling Ghostery is fixing the issue might be a red herring. I'm using Ghostery with all standard block settings and I've never seen it behave like this. I won't rule it out but I believe it's unlikely unless you have a lot of custom settings.

    Please let us know if this helps.

    Cheers,

    Alex

  • pepperwhiteknight
    pepperwhiteknight
    Community Member

    Anyone else using Ghostery?
    Does disabling Ghostery fix the issue for you too?

    @AlexHoffmann @Jeff Shiner You started okay and then wrote a paragraph of irritating garbage.

    @Jeff Shiner The preceding posts are bad customer service and a waste of everyone's time and Agilebits' money.

    • You already know I am using 9.0.402.0, v402 has been out/installed since mid August and v375 is 4 releases back.
    • Firefox, 1Password, Ghostery, and ESET have been working together perfectly for a 2 years.
    • Immediately after updating 1Password from build #604 to #616 on 10/11/2016 the problem started.
    • Ghostery is set to defaults.
    • Disabling Ghostery is not an acceptable long term solution.

    @AlexHoffmann Please refrain from posting novels of useless garbage so the community can troubleshoot.

    This is the same issue:
    https://discussions.agilebits.com/discussion/70534/1password-now-launching-new-window

    FYI the problem reported in the following threads were an issue after updating to build #616.
    I simply right clicked on the link and did save as then installed the add-on from file.
    1. https://discussions.agilebits.com/discussion/70501/i-cant-update-my-extension-using-mozilla
    2. https://discussions.agilebits.com/discussion/70371/firefox-extension-could-not-be-installed-because-of-a-connection-failure
    3. https://discussions.agilebits.com/discussion/70539/unable-to-update-firefox-extension
    4. https://discussions.agilebits.com/discussion/70520/add-on-cannot-be-installed-because-of-a-connection-faliure-after-update-to-latest-version

  • AGAlumB
    AGAlumB
    1Password Alumni

    @pepperwhiteknight: I hope you don't mind, but I've split you off into a separate discussion so we can focus on troubleshooting your specific setup (which seems to differ from those of the original discussion).

    Please refrain from insults. These forums don't exist as a platform for that. So, while I appreciate your frustration, we want to keep things friendly on the forums, so please don't use abusive language of any kind. To be clear, that includes categorically referring to what others write as "BS" and "garbage". Just because someone isn't you doesn't mean that you have a right to dismiss their comments in such a manner. And doing so when we're trying to help you troubleshoot the problem you're experiencing is actually pretty counterproductive since it detracts from the issue at hand. Ultimately we need to keep the forums as friendly as possible for the wide range of people that visit. Be sure to keep that in mind in the future. We're happy to have you here, so long as you can adhere to the guidelines:

    Forum guidelines

    And after all, we're here to help, and there are things you can do to facilitate this:

    Help us help you

    Getting back to the issue you're facing, can you tell me the exact version of the 1Password extension you're using? I wonder if Firefox hasn't completed the update. These don't seem to happen on any predictable schedule, so often I find that there's an old version installed, and even manually asking Firefox to check doesn't necessarily yield results. If so, just uninstall it, and you can get the latest version from the AgileBits website.

    There are also some things that weren't clear from your comments:

    • Were you able to configure ESET as Alex suggested?
    • Did the ESET documentation on its SSL/TLS scanning and the protocol filtering settings that Alex linked to help? It's especially relevant in this case since 1Password is trying to communicate securely with the browser extension. And anything that is actively performing a person-in-the-middle attack on secure connections (in this case, ostensibly to scan encrypted traffic, which would otherwise be — and rightly so — impenetrable) will prevent 1Password from performing mutual authentication. At that point, the 1Password app isn't connecting to the 1Password extension; each side is connecting to ESET, and 1Password isn't going to pass your sensitive information in either direction if it cannot verify that nothing is intercepting it.

    I think it's easy to overlook the fact that 1Password isn't interfering other software, or preventing itself from functioning. If that were the case, it wouldn't be working for anyone, and other stuff would be broken on our machines as a result. But unfortunately other software can and does interfere with 1Password. You're asking 1Password to do a job for you, and it does...so long as nothing actively prevents it from doing so. 1Password can't (and, arguably, shouldn't) aggressively "fight back" against other apps that interfere with it. Rather than bringing down your system, it fails gracefully. But the fact remains that we have no control over what other software does. We can only reach out to the vendors (as Alex has already mentioned) and try to help them understand what 1Password is and how it works. 1Password's job isn't to escalate the PC security arms race, but rather to secure your data. And I think the fact that you're not complaining about 1Password's security (but rather the effects of the behaviour of other software on 1Password) is a testament to that.

    But you're right: 1Password not working when we need it to is not a good experience! I think it's likely that more people are experiencing these problems currently because 1Password is now behaving more securely by using mutual authentication with the browser may be triggering a knee-jerk reaction from some "security" software since it doesn't fall within the narrow definition of "normal" app functionality (i.e. word processing, email, and web browsing). Much like many vendors are now installing invalid self-signed certificates into browsers and OSes without the knowledge and consent of the user. But that's a whole other can of worms.

    It's likely that in time other software will "learn" (or be "taught") about 1Password's new authentication behaviour. This is a "chicken and egg" problem: if we don't release these authentication improvements, no one will ever adjust to them. But if we do, other software may be unprepared and have a bad interaction with 1Password. However, if we do nothing at all so we can avoid disrupting anyone's workflow, forego making these changes, and you or anyone else fall prey to an exploit down the road, you'd (rightly) point an angry finger squarely at us for failing to act in a responsible manner. Although this is necessary, I apologize for the inconvenience this has caused you and others. And of course we're here to help. There are a lot of folks out there who aren't having these issues because there's nothing stopping 1Password from connecting securely to the browser, but of course there are some who are affected. I'm sorry that you're among the latter group who are suffering from this. But we'll help you get this sorted out. Please let me know what you find when trying the suggestions above. I look forward to hearing back from you!

  • pepperwhiteknight
    pepperwhiteknight
    Community Member

    Even more verbose. You showed me who is boss.

    Posted earlier ===> I disable Ghostery the problem goes away.
    So, is ESET the final answer?
    Why not suggest pausing protection in ESET?
    I uninstalled ESET and the problem persists when Ghostery is enabled.
    Did I just rule out ESET NOD32 Antivirus?
    What do you think?


  • Hi @pepperwhiteknight,

    Thanks for sending us this information.

    I'm not ruling our Ghostery at all. Given its function, it's certainly possible that there is some kind of interaction between it and the 1Password Firefox add-on. I'm using Ghostery on a few of my testing setups and my personal Windows PC and I haven't had any issues with it, using it with the standard settings and any number of anti-malware programs.

    We consider ESET the potential culprit, because it is one of the few anti-malware programs that requires the user to set an exception to properly work with 1Password.

    That said: your case does present an anomaly and I'm in the process of trying to recreate your setup using the data you already sent us with the error report via email. I'd like to kindly ask you to create a new Diagnostics Report from your Windows PC after you reproduce the error with Ghostery active:

    https://support.1password.com/diagnostics/?win

    Please add the following code (including the square brackets) to the Subject of your diagnostics email(s) before you hit "Send":

    [#AFJ-11288-277]

    This will link your diagnostics to our current discussion. I'm going to take a close look at this second report and get back to you as soon as possible.

    ref: AFJ-11288-277

    Cheers,

    Alex

  • pepperwhiteknight
    pepperwhiteknight
    Community Member

    ESET is no longer installed and the problem persists. So ESET is not the culprit. Your company's response doesn't agree.

    Ghostery and 1Password are not working well together on both of my windows 7 x64 machines.
    I have to close the "helper tab or whatever you want to call it" so I will deal with it for the time being.

    I no longer want to interact with your company's support team. It is frustrating to read a defensive wall of text. You do not value your customer's time. The reason I write so little is because I value your time and get straight to the point. I will submit the diagnostic email.

    Thank You and Goodbye.
    [#AFJ-11288-277]

  • AGAlumB
    AGAlumB
    1Password Alumni

    I'm sorry that you feel that way. Thanks for taking the time to share that information. We'll continue to pursue this as well. Take care.

    ref: AFJ-11288-277

This discussion has been closed.