1Password and Sophos
Comments
-
I have the same problem with Firefox/Safari/Chrome since I updated to 1Password 4. I'm on an Win7 Enterprise setup with Sophos protection. The system is locked down by our IT department, i.e. I can't change the Sophos settings. The extension keeps looking for 1Password Helper, regardless of the proxy setup (to which I do have access). Bypassing the proxy for local addresses and/or adding 127.0.0.1 and localhost to the exceptions makes no difference. I have confirmed with a TCP/IP tool that I can connect to ports 6258 and 6263 at 127.0.0.1. Similarly, when I kill the Agile1pAgent.exe process, I can no longer connect to either port. That would indicate that the Helper is indeed running, listening, and accepting connections, wouldn't it? I have also confirmed, using the same tool, that I can create a TCP server socket at any port number and locally connect to it with a TCP/IP client. So I don't think Sophos is messing with any local connections.
Any other ideas?
0 -
Hi @rogerm,
That would indicate that the Helper is indeed running, listening, and accepting connections, wouldn't it?
The 1Password Helper or local servers aren't the problem, it's the browser extension itself connecting from the browser to the Helper. AVs are more focused on website/browsers accessing local data than a local app accessing a local server. It's not common for browsers to access local data, so AVs tend to be more cautious about it.
In 95% of our cases with Sophos users, it is always working as soon as they add the 127.0.0.1 address in the website authorization. To eliminate any other possibilities on your computer, please email us your diagnostic report with a link to this thread. To generate the report:
- Open the main 1Password program, go to the Help Menu > Diagnostics Report > Export to File and save it to your desktop
- Send us an email at support+windows AT agilebits.com with the diagnostic report file attached and include the link to this thread
Thanks!
0 -
The 1Password Helper or local servers aren't the problem, it's the browser extension itself connecting from the browser to the Helper. AVs are more focused on website/browsers accessing local data than a local app accessing a local server. It's not common for browsers to access local data, so AVs tend to be more cautious about it.
Thanks for the clarification. I went ahead and killed the Agile1PAgent.ext process and started my own local server on port 6263. I then used Firefox to connect to 127.0.0.1:6263, and here is what the server received from Firefox:
GET / HTTP/1.1 X-Sophos-Filter: 0129f419cfd4044d769ddb94eef002651794b11b Host: 127.0.0.1:6263 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-aliveAlthough Sophos adds a tag to the GET request, Firefox seems to be successful in sending it to a server running on port 6263.
In 95% of our cases with Sophos users, it is always working as soon as they add the 127.0.0.1 address in the website authorization. To eliminate any other possibilities on your computer, please email us your diagnostic report with a link to this thread.
I will do that, thanks.
I really hope Sophos is not the issue as our IT department has things pretty tightly clamped down, and thus I don't have the necessary privileges to make any changes to the Sophos settings.0 -
To eliminate any other possibilities on your computer, please email us your diagnostic report with a link to this thread.
Done. Support ticket number is [#APA-38114-813].
0 -
Hi @rogerm,
This tag:
X-Sophos-Filter: 0129f419cfd4044d769ddb94eef002651794b11bis generally a sign that Sophos is modifying the data stream to 1Password Helper and that's when we can't get valid data from Firefox.We'll look into your email soon, thanks for sending it in.
0
