Connection refused Win10 [Caused by Sophos, must be configured to exclude localhost for now]

mikeruoc
mikeruoc
Community Member
edited April 2023 in 1Password 7 for Windows

I can not get the chrome extension to work with 1password on Windows 10. I see many people with the same issue and it is due to AV. I am sure mine is also. We are using Sophos but turning off is not an option just so I can use 1password. How do we get this to work with AV??


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Windows 10
Sync Type: Not Provided

Comments

  • mikeruoc
    mikeruoc
    Community Member
    edited November 2016

  • MikeT
    edited November 2016

    Hi @mikeruoc,

    Thanks for writing in.

    This is definitely Sophos (swi_fc), it's trying to insert itself into our secured communication stack, which is a security risk we never allow.

    You can try to configure Sophos to not listen on the localhost traffic by excluding it, this article will explain how.

  • mikeruoc
    mikeruoc
    Community Member

    I was able to add it. But it still seems like there should be a better and a more secure way for the extension to talk to the app then using 127.0.0.1. That seems like a hack at best.

  • MikeT
    edited November 2016

    Hi @mikeruoc,

    Thanks for writing back.

    But it still seems like there should be a better and a more secure way for the extension to talk to the app then using 127.0.0.1.

    We definitely agree with you but the browser vendors don't, they want their browsers to be sandboxed and do not want extensions to have direct local file access all the time, so they've blocked that access off many years ago, forcing us to come up with websocket communication to an external process, which requires localhost. Prior to this, we did have much better methods and more usable extensions that directly access your local 1Password data file. Over time, as security continues to tightens up for both the browsers and extensions, the less external access are available for the 1Password extensions to talk to your local 1Password app.

    Right now, there is a potential solution with Native Messaging in Chrome that doesn't require localhost or network stack but it is not supported in all browsers yet and even then, there are some concerns about using it. We are hoping this may be the next solution for us but it will take a while to get universal support.

This discussion has been closed.