I need help in understading identity shield

  • 26 February 2019
  • 39 replies
  • 1280 views

Userlevel 5
Badge +22
To understand my question a lot of info must be provided. Sorry. The questions can be boiled down to.

(1) Why does ID shield not protect IE11?

(2) How can I even prove ID shield is even running (no lock)? :D

(3) Is ID shield useful? (So many visible issues has me wondering about invisible issues. Of course, the issues I see may simply be my lack of knowlege.)



Links to GOOD posts, articles, or your information is welcome.





My trying to learn more about ID shield came about because running Firefox in a sandbox (Sandboxie) while Webroot was running caused two issues. (1) A second instance of Firefox could not be started and (2) after closing Firefox, it could not be restarted without terminating all programs in the sandbox.



Webroot support solution: This is expected behavior for an application that is being protected by Webroot Identity Shield.



The solution means that Identity Shield is not protecting IE11 as neither expected behavior is manifested when running IE11 in a sandbox. So, I am trying to learn more but the posts are ancient. Many of the posts talk about the "lock" icon which is never visible on the Webroot icon in the notification area even though the use of Firefox suggests it is working. That includes running IE11 & Firefox outside a sandbox.





All software is current, registered, and paid subscriptions

Windows 10 pro (64-bit)

Sandboxie 5.28 (64-bit)

Internet Explorer 11 version 11.316.17763.0 (I think i am running 32-bit based on MS suggestions)

Firefox 65.0.1 (64-bit)

Webroot SecureAnywhere Antivirus version 9.0.24.49

This topic has been closed for comments

39 replies

Userlevel 5
Badge +22
My third question was, is ID shield useful. So, I can't answer your question. The information in the Weboot documentation seems to be for someone who already knows the answer and acts as a reminder.

More importantly my second sentence should have read "who clicks on any link or object sent her." Clicking on a link opens the default browser which is already sandboxed.

Thus, she will open a PDF, JPG, etc. embedded in an email. My thought is by sandboxing Outlook such documents should be opened in a sandbox and that should help protect her. I have seen similar actions after downloading an installer, recovering, and then clicking on the "?Run file?" option in the browser and the installer opens in a sandbox. Again, testing will be conducted.
The information in the Weboot documentation seems to be for someone who already knows the answer and acts as a reminder.
Yes, the official PC User Guide information is surprisingly sparse:

https://docs.webroot.com/us/en/home/wsa_identityshield_userguide/wsa_identityshield_userguide.htm

https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#UsingIdentityProtection/ManagingIdentityProtection.htm%3FTocPath%3DUsing%2520Identity%2520Protection%7C_____1

https://docs.webroot.com/us/en/home/wsa_pc_userguide/wsa_pc_userguide.htm#UsingIdentityProtection/ManagingProtectedApplications.htm%3FTocPath%3DUsing%2520Identity%2520Protection%7C_____2

EDIT:
Correction: I have just found my first link above to have a whole load of pages, which go into much more detail about how Identity Shield works. When I have time, I'll have to read all this to see if I can learn more that maybe I didn't know!

Btw, useful link to bookmark if you haven't already:
https://docs.webroot.com/us/en/home
Userlevel 5
Badge +22
I plan on keeping Identity Shield in effect. Keeping Firefox at "Protect" while running it in a Sandbox only prevents me from opening a second instance of FF. Maddening, but being forced to replace IE11 means having to put up with it.

Another test was performed.
While changing the Identity Shield setting for Firefox from "Protect" to "Allow" allows multiple instances it seemed prudent to see if turning off either the ID or Phishing shield would resolve the issue.

While all four configurations were tried even disabling both Identity Shield and Phishing Shield did not fix the issue.

Looking over the list perhaps it is something like the "Protect browser components from external access" or the blocking of "process modification" or "suspicious access to browser windows" that is causing the conflict.

As for the links, thanks. I have read most of them before but never the first. It seems very dated was the download (not integrated version) for Windows 8 and older and IE 7 and above?
Userlevel 5
Badge +22
Probably a final response.

There are two solutions, known to me, to getting Firefox to work correctly when using:
  • WebrootSecureAnywhere (using Identity shield for additional protection)
  • Sandboxie
  • and Firefox
  1. I chose this: Use Firefox 32-bit rather than Firefox 64-bit.
  2. Change Webroot Identity Shield for Firefox from Protect to Allow.
More draconian solutions would be to stop using any one of the three applications.
Userlevel 7
Badge +28
That's good information @ExpertNovice. However, I'd be hesitant to go that route. Your logic and reasoning is sound and I'm sure your testing is also sound. This is probably the solution that makes things work properly until Webroot fixes the product. The reason I'm hesitant is the need to use a 32-bit Firefox. Users need to know that they have to specifically download the 32-bit version of Firefox if they are on a 64-bit Windows PC. Just downloading and installing Firefox will by default install 64-bit Firefox. As an admin I often need a number of different versions for different platforms. Here's where I go to get the clean install files for Firefox. Anyone can get either the 32-bit or the 64-bit version for whatever platform they are on here.

Enjoy,
Userlevel 5
Badge +22
Nic,

Hey, do you know if FF 32-bit will update itself with patches or do I have to download and do a clean install for each?

I agree completely. Some have both versions of Firefox on their system but on mine, 64-bit was uninstalled and 32-bit downloaded and installed.

The underlying issue is almost two years old so it is unlikely to be resolved quickly as it impacts such a small segment of Webroot users.
Userlevel 7
Badge +28
Unfortunately I don't know for certain. I have a feeling that if you allow it to auto-update, it will continue to stay at 32-bit. However, you would need to test this to know for sure. I am pretty sure that if you did a manual download from Mozilla's main site and installed, it would install the 64-bit version. However, if you downloaded specifically the 32-bit updates from the site I posted, you would be fine.

The main question is, how long will this continue to work? Eventually Mozilla will stop creating new versions of the 32-bit Firefox. At that point you will want to be on the last 32-bit ESR version of Firefox. They will continue putting out security updates for that version for maybe a year. However, after that you'll either have to use an insecure older 32-bit version of Firefox or upgrade to the latest 64-bit version of Firefox.

So goes the world of software development, updates, and security. Oh the joy! 🤢
Userlevel 5
Badge +22
Thanks for responding. I failed to check this thread yesterday but after determining what version of FF WAS installed (65.0.2), what the latest version is (66.1), and how to update (easy) I had to update with the bad news.

66.1 does not work at all. It could be Sandboxie, Webroot, or the combination but that doesn't matter to me. I doubt 66.0 works, so will revert to 65.0.2 for a short while before permanently uninstalling.

I would hope they would continue creating 32 bit as long as 64 bit doesn't work for some but, given the current issue, that is doubtful. Plus, especially given this new development, I agree with you.

I REALLY wanted to use Firefox since IE11 is no longer viable. (too many websites no longer support it and some email providers are stopping support.) After Chrome was accidentally installed during an Adobe update (can't believe I forgot to uncheck that box), it took three months to get links to work from Office products. It took a reformat reinstall to fully fix the registery. So, switching to Chrome ain't gonna happen.

In an unsafe browsing envionment safety is getting harder to achieve.
Userlevel 5
Badge +22
For all my complaining, I pray this thread helps others. There sure have been a lot of great people willing to spend their time helping me, and others.

My last post was incorrect. (I will try to delete the portions in error.)

FF 6.0.1 DOES work with Sandboxie and Webroot; even with Identity Shield in protect mode for FF.

To get it to work
  1. In Sandboxie delete contents and terminate programs in the FF sanbox
  2. Start FF while pressing the Shift key. (Safe Mode)
  3. If it fails to open with trouble opening pages from a previous "crash" then shut it down.
  4. probably unnecessary but delete contents and terminate programs again
  5. Reopen. (Closed and reopened and even started a second instance. Still no issues!)
How to update FF if it is a forced program in Sandboxie
Shut down FF.
As a precaution, in Sandboxie delete contents
In Sandboxie Disable Forced Programs
Start FF
Click "Open Menu"
Help > About Firefox.
There will either be a message "Firefox is up to date" or a button to update. (Easy)

Current versions (status) can be found here:
https://www.mozilla.org/en-US/firefox/releases/
Userlevel 7
Badge +28
@ExpertNovice,

Don't blame Mozilla for changing Firefox. Out of most of the software companies out there, they support something longer than most. The change is being forced on them by other companies in the industry.

Apple phased out 32-bit for their mobile iOS operating system around 2015 and they are dropping support for their desktop OS after the next version. This means the desktop has about 1.5 years left of support. More info here.

Linux, which is known for supporting low resource devices has even started retiring support for the 32-bit version. The flavor of Linux you want to run will depend on whether they've discontinued it yet or not. More info here.

Microsoft will continue support for older versions like Windows 7 until they hit EOL (End of Life). FYI, Windows 7 hits EOL in January 2020. However, Windows 10 is different because it has major updates that come out a couple times a year that they call Feature Updates. I'm guessing, based on Microsoft's Lifecycle Support history, that they will support a 32-bit version of Windows 10 until it hits EOL. However, as you upgrade your Windows 10 to the newer Feature Updates, the support and EOL will now be based on that version, not what you originally had installed on the PC.

Some apps have already moved on to 64-bit because 32-bit was deprecated in 2008. Chrome from my understanding is one of these, which isn't surprising. They prefer to be up-to-date on technology and security, so they force updating sooner rather than later. Whereas Firefox finally dropped support for Windows XP mid 2018, 4 years after Microsoft, who had extended it by 2 years longer than their normal support lifecycle of 10 years. In other words, Firefox supported Windows XP for 16 years.

You mentioned updating Adobe Flash Player. First, I suggest you get rid of it! It's nothing but a security hole, plus even Adobe has said they are discontinuing it next year. Most sites don't need it anymore, so you might find you don't need it. However, I realize sometimes people do need it. If this is the case, you might want to look into PDQ Deploy. The free version allows you to download the Flash Player package and you can deploy it to your PCs. It's what I use as an admin to deploy software on my network. The nice thing about the Flash Player packages is they've already removed the junk. No more worries about installing the crapware that you get from the Adobe website version, Flash Player is installed and that's it.

Good Luck!
..Adobe Flash Player...I suggest you get rid of it! It's nothing but a security hole, plus even Adobe has said they are discontinuing it next year.
Nic, I think I need to check on this, being unfortunately a bit of a noobie regarding IT.

I have the Shockwave Flash plugin for my FIrefox 64-bit but I have it set to "Ask to Activate", i.e. activate manually only as and when required. I find I very occasionally need it to read a video.

I don't know if this is in any way connected but I also have Flash 32-bit in my (Windows 7) Control Panel—though I honestly can't remember the last time I used Flash apart from Firefox (years ago??).

Are either of both of these bad?
Userlevel 7
Badge +28
@Muddy7,

When you install Adobe Flash Player, it installs as a program on your PC and adds the Control Panel icon. This allows you to make some configuration changes to how Flash works, e.g. clear cache, update settings, etc. There are two versions of Adobe Flash Player that can be installed. One works for Internet Explorer and the other works for Firefox, Chrome, and Opera. Which ever version you install will add that add-on to either Internet Explorer or those other browsers. Both installers install the same Control Panel icon that allows you to configure basic Flash settings. However, each browser also has it's own settings for the add-on independent of the other browsers. In other words, I could tell Firefox to always show Flash videos and Chrome to ask me first.

Your set-up of "Ask to Activate" is the correct way to use Flash in any browser. Most people don't realize what "Always Activate" does, even if you tell it to on a website you trust. It doesn't "Always Activate" Flash on that website, it "Always Activate" Flash on all websites from then on. You can go into the browser add-on settings and change this back, but most people don't know this or know how.

Personally, I don't find a need for Flash at all and I'm an IT admin and web developer who's online all the time. I suggest everyone get rid of it because Adobe is supposedly retiring it next year anyway. However, if you can't live without it, here's my suggestion.

  1. Since you have 32-bit Flash installed and 64-bit Firefox installed, you might want to uninstall Flash. You should be able to do this through the regular uninstall Programs panel. If you have both the Internet Explorer and other browsers versions installed, you'll probably see two programs to uninstall.
  2. Restart your PC.
  3. Make sure the add-on got uninstalled from the PC and all browsers. If it didn't, uninstall it from the browsers and restart. If you're having issues let me know. FYI, I can't remember, but it may be built into Chrome now.
  4. Go here to download the latest version of Flash. When you go through this process make sure you uncheck any boxes that want you to install other software, e.g. McAfee.
  5. Restart your PC.
  6. You should be set with the latest version that is 64-bit.
You mentioned Shockwave Flash. If uninstalling Adobe Flash Player doesn't get rid of this, I'd also suggest uninstalling Adobe Shockwave Player, which they are retiring on April 9th, 2019. I'm pretty sure this is Adobe Flash Player because it appears as Shockwave Flash in my Firefox and this PC never had Adobe Shockwave Player installed on it. Adobe Shockwave Player is an old property that Adobe got when they acquired Macromedia and they haven't properly maintained it over the years. That means it's full of security vulnerabilities and honestly I don't remember the last time I saw something that needed it. I mean, it's literally been more than 5 years.

I hope that helps. If you need any additional information, let me know.

Sincerely,
Wow! Crystal clear. And you said in an earlier post that you weren't too strong in expressing yourself in English. Who are you kidding, mate 😆?

Sounds like quite a lot to do but a good idea to do. I'll try and find some time sometime. I've saved your reply to bookmarks for when I find time to implement.

Thanks for very thoroughly answering my question, Nic! Btw, I think YOU should be the one to write stuff for Webroot.
Userlevel 7
Badge +28
You're very welcome @Muddy7! I'm screen capturing that as proof to show my wife that others think I can write. 😁