1Password Windows Version wouldn't respond due to connection issues in China
Hi all,
When each time 1Password is opened, it looks for updates.
However, these days I find it extremely hard to access 1Password's server without a proxy in China. (Still not knowing the reason, may be due to the GFW, or limited international bandwidth in China)
So, the program keeps not responding as it cannot link with the server and fetch an update.
If I open a proxy for 1Password using IE's proxy setting, 1Password will proceed to the next step successfully and ask me if I want to download the updates.
But even if I use a proxy, after I click "Yes", the program falls into not responding again. I think that's mainly because my proxy has high packet loss rate (up to maybe 40%) -- and this is also quite common for international connections in China, even though my proxy server is deployed at Linode.
So my guess is:
1. 1Password never supposes it may lose connection to its server, so it fails to respond if so.
2. 1Password never supposes it will need to maintain connection during updating in such a high packet loss rate.
3. 1Password never thinks it important to provide native proxy support (https/socks).
1Password Version: 4.6.0.582
Extension Version: 4.4.1
OS Version: Windows 8.1 X64 6.2.9200
Sync Type: Dropbox
Comments
-
Hi @xlcwzx,
The reason is because our update server is only offering updates via secure connections and as you know, China will interfere with it. We also just updated our security checks in 4.6.0.582 update to confirm the secure connection is valid and hasn't been interfered with, which likely means it will be more difficult in China without a proxy or VPN from now on.
Just to be clear, you said you set up the proxy in IE, which then allow 1Password to work but you didn't specify if you did this in the 1Password's network configuration.
If you didn't, please do this:
- Open the main 1Password program, cancel the update check, and unlock the program
- Click on the Preferences button, go to the Network, and enter your secure proxy information here.
Let me know if that improves it for you. If not, we'll investigate if there is something we can do for you.
Right now, if you need the latest versions, try downloading from our site here: http://agilebits.com/downloads
0 -
Hi MikeT
Thank you for the quick reply.
I just updated the latest version. I will send notes here if I find same issue later.
The update details you told me sounds great, but the reason makes me upset. I was still thinking the government will only do man-in-the-middle attack to big sites like gmail. Now it seems any SSL connections are unsafe.
Again, thank you for the reply and the software.
0 -
Hi @xlcwzx,
The update details you told me sounds great, but the reason makes me upset. I was still thinking the government will only do man-in-the-middle attack to big sites like gmail. Now it seems any SSL connections are unsafe.
Correct, do not assume it would only happen on popular sites, it can happen anywhere as long as you're not in full control of your connection from one end to another end.
You're not alone buddy, no one should be happy about this. For us, we wish we didn't have to resort to so many protections just to keep ensuring that our program is getting the updates it is expecting to get but now with more MITM attacks, we have to work harder to protect our own updates as well. It is a very sad thing.
0
