Jump to content

Trust Tracker > where does trust populate?

bjm

By bjm
in Chrome

Go to solution Solved by gonzo,

Recommended Posts

bjm

bjm

Posted
Posted

Hi
When I opt to trust ...for example: a tracker on a site.  Where does the trust event populate to.  I'm not seeing trust event with Allow list.  I'm curious because the trust event seems to survive browser refresh.   Does trust event create cookie and I just need to clear cookies? 
 

png_8516.png

png_8517.png

png_8515.png

Link to post
gonzo

gonzo

Posted
Posted

I'm kinda grasping for straws here.  If I am reading this correctly, you created an exclusion but say it is not being honored.  Is that correct?  Browser cache does need to be cleared to prevent residual information from affecting you.  I would probably close the browser and reload it, so that databases are reloaded.  Exclusions are added to local databases, but the exclusion must also specify which of the categories it applies to.  A malware exclusion would not affect a tracker exclusion, and vice versa.  Also, a tracker applies only to the website that is being affected...they are not excluded for all websites.  They are somewhat tricky.

If I am completely offbase here, please try again with different words.

Link to post
bjm

bjm

Posted
  • Author
Posted
On 12/28/2020 at 4:50 PM, gonzo said:

I'm kinda grasping for straws here.  If I am reading this correctly, you created an exclusion but say it is not being honored.  Is that correct?  Browser cache does need to be cleared to prevent residual information from affecting you.  I would probably close the browser and reload it, so that databases are reloaded.  Exclusions are added to local databases, but the exclusion must also specify which of the categories it applies to.  A malware exclusion would not affect a tracker exclusion, and vice versa.  Also, a tracker applies only to the website that is being affected...they are not excluded for all websites.  They are somewhat tricky.

If I am completely offbase here, please try again with different words.

Sorry, for my slow reply.  

Okay....seems like the Trust event is finicky to populate to the Allow list and is finicky to leave the Allow list.
for example: I see "Trust event" and no entry with "Allow list" at the same time even with several page refreshes.

and other times I see blocked Trackers and site populated to Allow list.  

Maybe, Browser Guard is bumping in to my uBlock Origin setup.  

I have ensighten.com noop with uBlock Origin.  I think Browser Guard Trust event works because the function on the website that did not work with Browser Guard ensighten.com block....worked with opt Browser Guard Trust.   Just that when I went looking in the Allow list.  The Allow list was empty.  Just head scratch.  And same Trust event once populated with the Allow list seems stubborn to clear with reversing Trust.  

Just seems like Trust event does not appear and remove from Allow list as I expect.  I expected the Trust event to be mirrored with the Allow list.  Seems I need to manually remove the Trust event from Allow list and I was expecting Trust event to be per page load or maybe per browser session. 

My apology ... if my explanation is lacking.  Trust event feels finicky...which may be due to my expectations are confused. 

 

 

 

png_8566.png

png_8567.png

png_8564.png

png_8565.png

Link to post
Hardhead

Hardhead

Posted
Posted (edited)

I don't think its Browser Guard because I disabled Ublock and got no alerts from Browser Guard at all. I think it must be the host file in the pic that is blocking this site just from what I'm seeing. So you will have to try settings up Ublock filters manually and that should fix the issue.

Oh one other thing I forgot to mention is I'm using FF and not Chrome

Uben1.png.b8d0994d8e23a8c7ce9aaca7b4a923b8.png

Edited by Hardhead
Add last sentence
Link to post
bjm

bjm

Posted
  • Author
Posted
On 12/28/2020 at 4:50 PM, gonzo said:

 Exclusions are added to local databases, but the exclusion must also specify which of the categories it applies to. 

...and where is the local database? - local database path?  Where are items with the "Allow list" stored. 
Does Browser Guard extension run off cloud database?

Link to post
bjm

bjm

Posted
  • Author
Posted
14 hours ago, Hardhead said:

VirusTotal results below: 


https://www.virustotal.com/gui/url/6c11b222e073f3c6ec0de16bec2cf879b6410b548c18970bfdbd9f9e062d1ab4/detection

 

as far as I know ...ensignten.com is deemed by Browser Guard as an ad network / tracker
ensighten scripts are working for community.norton.com
ensighten.com website itself is not a concern.  

nexus.ensighten.com is not a website it's Ensightens Tag Management Platforms Tag Delivery Network (TDN) domain, users cannot rate that domain as a normal site for things like Trustworthiness and Child safety. Ensighten deploy JavaScript via the TDN, so it's involved in 'Online Tracking', but not directly by Ensighten, the tracking is done by the types of tags that are deployed by the client through the TMS tool. So Ensighten and the nexus.ensighten.com domain are not the risk in regards to Privacy or Tracking, Ensighten is just the CMS for JavaScript, the conduit for the tag code. Ensighten provides Solutions to help customers manage their Privacy concerns, provide explicit/implicit opt out options for users and to whitelist and blacklist specific types of tags.

Link to post
gonzo

gonzo

Posted
Posted

This thread is a challenge to follow, so probably the best thing for me to do is comment on certain areas and hope that it fills in the blanks.

  • In one screenshot, you have shown my.norton.com being added to the Allow list as an Ad/Tracker.  An entry such as that would only be valid if that specific website is functioning as an Ad/Tracker.  If it were the website on which a block was occurring BUT NOT THE CAUSE OF THE BLOCK, that entry would not be valid.
  • The Allow list will not be populated by Browser Guard as a result of going to any specific web site.  It is an entry added by the user to override Browser Guard behavior for a specific website that blocks content for one of four specific reasons, but ONLY for that reason.  As an example, if website abc.com had been blocked as an Ad/Tracker and was allowed as an Ad/Tracker, it would not be blocked in the future as an Ad/Tracker.  But if that same site was found to be malicious, it could still be blocked.
  • Browser Guard downloads databases from the cloud at regular intervals and stores them locally in an encrypted format.  They are not designed for user inspection or modification.
  • When it comes to interaction between Browser Guard and Ublock Origin, I must defer to users who have knowledge in both as well as the interactions between them.  I do not have that background.
  • Like 1
Link to post
bjm

bjm

Posted
  • Author
Posted

Okay...I'll accept that Allow list does not populate with Trust event.  I'll accept that Allow list is for manual override.  I'll accept that Allow list populates with manual override of Protection for this website toggles. 

So, when I opt Trust nexus.ensighten.com and then navigate away from that page.
I'd have to find the same page and find nexus.ensighten.com as Trust....in order to reverse Trust for nexus.ensighten.com

Guess, I imagined a "Trust on this site event" as a temporary status that refreshes to default Block status with page refresh or browser cycle. 

I think I observed Trust against nexus.ensighten.com survive browser restart. 

I'll accept I'm confused and apologize for spreading my confusion.  

Quote

Browser Guard downloads databases from the cloud at regular intervals and stores them locally in an encrypted format. 

Ahh....I thought databases were all cloud.  I thought Browser Guard only queried the cloud.
My browsers run sandbox'd.   So, I need to figure out how to open a whole for Browser Guard databases to write outside sandbox.  
Or, figure out if the full databases download during a browser sandbox session.  
I know Browser Guard throws page blocks.   Either I'm accessing local databases or cloud databases that downloaded in to my browser sandbox.  I wish I knew the path to the Browser Guard database to maybe open a whole for Sandboxie to write outside sandbox.   

With uBlock Origin I'm able manually pull filters updates outside sandbox.  Sandboxie reads from browser profile.  I'd need to open direct access for Sandboxie to write outside of sandbox.  

I guess Browser Guard does not have a way to manually pull current databases. 

Thanks to all.  I need to re-think Browser Guard.  BG works in my browser sandbox.  I'm not knowing how databases update outside sandbox.  

Can you share how frequently database updates? 

Link to post
gonzo

gonzo

Posted
Posted

Databases download EVERY time you start a new browser session.  This also clears the "incredibly huge and extremely difficult to wade through program log" that I often have to go through for the more difficult false positives.  In addition, databases update every 15-30 minutes, which is the time period I quote to users when whitelisting.

I run my browsers without caching, because a perceived lack of change in block status is often nothing more than a caching issue.

One more item about databases...a new browser session will request a database update, receive the data, and parse it as required.  An impatient user may run into a previous instance of the database if the update process has not completed.  This would look like the block they complained about is still in effect.  It doesn't take long, but as with anything related to the Internet, a huge download in one app can affect the performance of another app.

  • Like 1
Link to post
bjm

bjm

Posted
  • Author
Posted
16 minutes ago, gonzo said:

Databases download EVERY time you start a new browser session.  This also clears the "incredibly huge and extremely difficult to wade through program log" that I often have to go through for the more difficult false positives.  In addition, databases update every 15-30 minutes, which is the time period I quote to users when whitelisting.

I run my browsers without caching, because a perceived lack of change in block status is often nothing more than a caching issue.

One more item about databases...a new browser session will request a database update, receive the data, and parse it as required.  An impatient user may run into a previous instance of the database if the update process has not completed.  This would look like the block they complained about is still in effect.  It doesn't take long, but as with anything related to the Internet, a huge download in one app can affect the performance of another app.

Okay....knowing that Databases download EVERY time you start a new browser session is great to know.  I check for updates outside sandbox.  So, BG databases will update and when I run browser sandbox.  Database will be copied over to sandbox.   

Think I found database available in my Edge sandbox.
{"md5":"d3c206f9ace4f1dda048ebbabc5f93c4","name":"mbgc.db.worm","sha256":"a2f81a477fb16a9d8d59da70b2f898e0d142166d8098f0567b8dfde4c712bfdf","size":5122,"url":"https://cdn.mwbsys.com/packages/mbgc.db.worm/d/3/c/2/d3c206f9ace4f1dda048ebbabc5f93c4/e85c1643-ff4e-4377-bcdc-2e507f3a96ed.worm","version":"1.0.202012291252"}}á÷Ù< X         last_successful_fetch"12/31/2020, 4:37:05 PM"Ãf¢#= Y         last_successful_unpack"12/31/2020, 4:37:14 PM"

Does "Trust on this site" write to this database?   Is this the only databases repository?

png_8572.png

Link to post
bjm

bjm

Posted
  • Author
Posted
Quote

I run my browsers without caching, because a perceived lack of change in block status is often nothing more than a caching issue.

Yes, I've experienced local caching issues with Norton Safe Web reporting.  After a website classification false positive is cleared.  I'd need to clear local cache to get updated status. 

Link to post
  • Solution
gonzo

gonzo

Posted
  • Solution
Posted
43 minutes ago, bjm said:

Does "Trust on this site" write to this database?   Is this the only databases repository?

I do not know the answer to these questions.  Supporting > 4M users is more than enough to keep me busy.  One of these days, I might have a chance to find the answers.

  • Like 1
Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept