[fad] Creating Rules Without Prompt.

werby3
edited August 2012 in Firewall

Hello,


When a service of an application is "automatic started", after (Win7 Ult. 64bit sp1) restart, BDIS 2013 (16.18.0.1406) creates an allowing rule even if "Paranoid" is ON.


This did not happen in BDIS 2012 and I think this is an issue that should be fixed ASAP.


Regards

Comments

  • ...and of course I refer to services that need network access.


    THX

  • werby3
    edited August 2012

    ...for example with "TeamViewer".


    Please try to reproduce the issue by deleting the rule for "TeamViewer service" and restart.


    Of course with "Paranoid" ON and "TeamViewer service" in "automatic startup" mode.


    After restart you'll see an allowing rule created, without any prompt.


    In BDIS 2012 after restart and user's log in, a pop-up asks for permission.


    Regards

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Thank you for your feedback!


    This situation was escalated to our developers.


    I will get back to you soon with more data on this.


    Have a great weekend!

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I have talked with someone from the Firewall Team and since we released 2012/2013, the behavior is a little different.


    So, if the file has a digital signature, the access is permitted. If you want to change this, you will have to modify the rule manually.


    In conclusion, the module is functioning as designed.


    Thank you for your time!

  • werby3
    edited August 2012

    Hello Christian,


    Ok that's enough. You told me that now firewall acts like Windows one so, what's the need of this.


    I don't need a firewall that first creates an allowing rule and then I have to modify it. It is dangerous!


    Every new version means, actually, less control.


    Among other things, this is the best reason for me not to renew.


    I want to personally thank you very very much for your support.


    I have to say "good bye" unless your team fixes this, cause it's a very critical issue.


    Regards

  • rootkit
    rootkit ✭✭✭
    edited August 2012

    Hi :)


    A digitally signed file by definition is not considered suspicious/malicious.


    When the firewall module receives an internet access request from a process, it is scanned with the engines to check for infections, the digital signature is checked in cloud and if everything is clean, the rule is created with normal permission.


    All known programs that are in our database and have a digital signature are allowed by default. It is the only way to make the firewall module to work with Auto Pilot.


    That's why that service is allowed by default because it is legit.


    For advanced users, we recommend to manually create a rule or edit an existing one.


    Thank you very much for your feedback and understanding.
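
An added example, not part of the original thread and not Bitdefender code: a PowerShell audit that lists automatic-start services together with the Authenticode status of their binaries, which are the services the behavior described in this thread applies to. `Get-ServiceBinaryPath` is a hypothetical helper name, and skipping binaries under the Windows directory is an assumption made to focus on third-party services; the check reflects the local Authenticode result only, not any vendor cloud database.

```powershell
# Added example: enumerate automatic-start services and report whether
# their executables carry a valid Authenticode signature.

function Get-ServiceBinaryPath {
    # Hypothetical helper: extract the executable path from a service
    # PathName, which may be quoted and may carry arguments.
    param([string]$PathName)
    if ($PathName -match '^\s*"([^"]+)"')   { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return $null
}

Get-CimInstance -ClassName Win32_Service -Filter "StartMode='Auto'" |
    ForEach-Object {
        $path = Get-ServiceBinaryPath $_.PathName
        $sig  = $null
        if ($path -and (Test-Path -LiteralPath $path)) {
            $sig = Get-AuthenticodeSignature -LiteralPath $path
        }
        $status = 'BinaryNotFound'
        $signer = $null
        if ($sig) {
            $status = $sig.Status
            if ($sig.SignerCertificate) {
                $signer = $sig.SignerCertificate.Subject
            }
        }
        [pscustomobject]@{
            Service         = $_.Name
            State           = $_.State
            Binary          = $path
            SignatureStatus = $status
            Signer          = $signer
        }
    } |
    # Assumption: services hosted from the Windows directory are skipped
    # so that the output shows third-party services only.
    Where-Object { $_.Binary -and $_.Binary -notlike "$env:SystemRoot\*" } |
    Sort-Object SignatureStatus, Service |
    Format-Table -AutoSize -Wrap
```

Every row with a `Valid` signature status is a service whose firewall rules are worth reviewing by hand after a reboot.
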

  • ...It is the only way to make the firewall module to work with Auto Pilot.


    .....


    For advanced users, we recommend to manually create a rule or edit an existing one.


    Thank you very much for your feedback and understanding.


    No! I cannot understand the way you're thinking (maybe I'm an idiot).


    I want to ask you, what's the meaning of "Paranoid" mode cause, as far as I know, when it's ON, "Auto Pilot" is OFF.


    Perhaps you have to eliminate "Paranoid" mode because it becomes useless after last version "improvement".


    And what if my app (like most users) is a cracked one or for other, personal reasons, I don't want it to have internet access?


    So, before I run or install (in case of auto-start services) this app, I must create a denying rule.


    Hey, this is not for advanced users; this is for magicians :wacko:


    Finally consider that every year you gradually reduce the possibility to totally control firewall.


    Maybe you want to be the guardian of legality and if so then you really deserve the award for best and honest company!!! :D


    God bless you

  • coolcool1227
    coolcool1227 ✭✭✭
    edited August 2012

    I agree with werby3 to some extent that "every year you gradually reduce the possibility to totally control firewall".


    What I understand from his posts is that he wants to select action "Allow" or "Deny" since he set Paranoid Mode ON, but apparently the problem is that all known programs that are in database and have a digital signature are allowed by default for both Paranoid and Auto Pilot Modes. So the Paranoid Mode also behaves silently. For advanced users both prompt and manual options should be available.


    Some of the present viruses also have digital signatures. Not sure about this but here is Ref: http://forum.bitdefender.com/index.php?showtopic=36069


    Also there were two options in the version 2011 that are not user selectable at present, may be set hiddenly by-default.


    1) Detect applications that changed since the firewall rule has been created


    2) Don't detect changes in digitally signed applications

  • werby3
    edited August 2012

    Thank you very much ONT!!!


    I also want to add:


    With BDIS2011 you could control even OS accessing the net.


    With BDIS2012 this was impossible (General Rules).


    With BDIS2013 we have not total control even for apps!!!


    In general, privacy is being sacrificed for user's ease OR perhaps for supposed legality.


    I am not going to follow this cause I don't want a cop in my PC.


    Regards

  • You are most welcome werby3.


    I agree with you that in the Bitdefender 2011, we have more control over the product settings e.g. RTP, Firewall, HIPS, Updates etc. and since then we are losing that much control.

  • I don't fully understand.


    In the user's guide it's written:


    When Paranoid Mode is turned on, the Autopilot is automatically switched off.


    As long as Paranoid Mode is on, an alert will be displayed prompting you for action


    every time one of the following situations occurs:


    ● An application tries to connect to the Internet.


    So my understanding is that if you set Paranoid Mode ON, even all known programs that are in database and have a digital signature will have to be allowed/denied by the user.


    Or not????????????

  • Hello AstroMax


    From my experience, when an app tries to access internet, with "Paranoid" ON, BDIS2013 will prompt you.


    BUT if an "Automatic Start" Service of an app tries to connect to internet, even with "Paranoid" ON, BDIS2013 will create an allowing rule WITHOUT any prompt.


    This was not happening in older versions and all I say is that this is a very critical issue.


    BD team answered that this is normal (because of digital signature) and I think that they just underestimate our intelligence with answers like this.


    Regards

  • Hello AstroMax


    From my experience, when an app tries to access internet, with "Paranoid" ON, BDIS2013 will prompt you.


    BUT if an "Automatic Start" Service of an app tries to connect to internet, even with "Paranoid" ON, BDIS2013 will create an allowing rule WITHOUT any prompt.


    This was not happening in older versions and all I say is that this is a very critical issue.


    BD team answered that this is normal (because of digital signature) and I think that they just underestimate our intelligence with answers like this.


    Regards


    If so, then in my opinion such firewall is not doing what I want. Again, engineer's point of view, not user point of view.


    I also think it's a critical issue. Perhaps technical team should clearly explain FW behaviour, both in AutoPilot and paranoid mode.

  • werby3
    edited September 2012

    Hi,


    By my side, I am not waiting for an explanation(???) but for an immediate fixing!!!


    For all these years my patience is tested paying for a product that is getting worse year by year with unresolved bugs and issues (like deletion of files w/o prompt when scanning, less control in A/V & Firewall etc. etc.) that are presented as normal behavior.


    There are A/V & Firewall programs that give lessons about behavior and one of them is absolutely free (I'm sure you know it) so, staying here and waiting for the Romanian dragon to wake up is at least stupidity.


    THNX

  • werby3
    edited September 2012

    Hello,


    Following Post #3 & Post #5


    When you manually start the same service ("TeamViewer service") then BD prompts for an action (if there is no rule).


    This proves that "Digital Signature" is not the reason of this ISSUE.


    Regards

  • werby3
    edited September 2012
    Hello,


    Following Post #3 & Post #5


    When you manually start the same service ("TeamViewer service") then BD prompts for an action (if there is no rule).


    This proves that "Digital Signature" is not the reason of this ISSUE.


    Regards


    Hello


    Any answer?


    P S : I think this is not a [fad] post.

  • Hello AstroMax


    From my experience, when an app tries to access internet, with "Paranoid" ON, BDIS2013 will prompt you.


    BUT if an "Automatic Start" Service of an app tries to connect to internet, even with "Paranoid" ON, BDIS2013 will create an allowing rule WITHOUT any prompt.


    This was not happening in older versions and all I say is that this is a very critical issue.


    BD team answered that this is normal (because of digital signature) and I think that they just underestimate our intelligence with answers like this.


    Regards


    Good findings, I think it's Paranoid Mode's Paranormal behavior.


    What I understand from this reply is that, if the applications are loaded/started automatically let's say on the Windows startup e.g. drivers, idm, messengers etc., their rule will be silently created even if the Paranoid Mode is ON, but when they are executed manually, Bitdefender prompts, if Paranoid Mode is ON.

  • Hi ONT


    I don't know about apps that run on Windows startup (cause I never let them run - except the necessary ones like BDIS), but I am sure about SERVICES of apps that are in "Automatic startup" mode and BDIS allows net access w/o prompt.


    I explain that in Post #3 where BDIS allows (after Win restart) "TeamViewer Service" w/o prompt, but if you run the application, it prompts you for an action.


    THNX for response

  • Hello,


    Following Post #3 & Post #5


    When you manually start the same service ("TeamViewer service") then BD prompts for an action (if there is no rule).


    This proves that "Digital Signature" is not the reason of this ISSUE.


    Regards


    Hello


    Any answer?

  • I could not agree more with werby and by the way this was not happening to me 2 weeks ago and I have been using TS 2013 since it launched... FIX THIS ALREADY!

  • Hello AstroMax


    From my experience, when an app tries to access internet, with "Paranoid" ON, BDIS2013 will prompt you.


    BUT if an "Automatic Start" Service of an app tries to connect to internet, even with "Paranoid" ON, BDIS2013 will create an allowing rule WITHOUT any prompt.


    This was not happening in older versions and all I say is that this is a very critical issue.


    BD team answered that this is normal (because of digital signature) and I think that they just underestimate our intelligence with answers like this.


    Regards


    Paranoid switching off is not an option and this is not even tolerable at any level. Fix this ALREADY!

  • Hello,


    Following Post #3 & Post #5


    When you manually start the same service ("TeamViewer service") then BD prompts for an action (if there is no rule).


    This proves that "Digital Signature" is not the reason of this ISSUE.


    Regards


    Hello


    Any answer???

  • werby3
    edited October 2012

    Hello


    I've just noticed that ISSUE HAS BEEN FIXED.


    THANK YOU :)

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Some improvements were made to the firewall module in the last build, 16.22.


    Thank you for your feedback!


    Take care.

  • This issue of losing firewall rules and forgetting settings does not seem to be fixed. I only installed the 2013 version 2-3 weeks ago and this has been a problem since day one. This morning when I started the laptop it has lost all of the rules (previously blocked and allowed ones) and kept asking me for each single program/service.


    The other day it asked me to allow/block programs which I had previously blocked. It just lost/deleted all the "block" rules (but not the "allow" ones) and wanted me to create a new one again for the same programs but only the ones which I had blocked before. Why would it do that? Why is it not enough to create a rule once and then stick to it? Why does it lose information? Why does it not give me control of what I think is right for me?


    The problem is not new and also not only since the 2013 version, it was also present in the 2012 version. In fact this was the reason for me to upgrade to 2013 hoping it would be fixed but I should have checked the forum here first. I only have about 76 days left on my license and I will use the time to research other alternatives.


    Bitdefender is really getting worse and worse every year and is trying to take over the complete control which is fine for inexperienced users but not for advanced users who want to be in control of security/options and settings.


    I did read the other two threads dealing with this problem http://forum.bitdefender.com/index.php?sho...amp;hl=paranoid and http://forum.bitdefender.com/index.php?sho...mp;#entry156485 which clearly show that people want to be in charge of their own laptops and PCs. Just give us an advanced mode and let us do what we were used to be able to in older versions like 2008 or 2009.


    Bitdefender GIVE US BACK CONTROL OF SETTINGS AND FOLLOW THEM AS WE WANT AND REMEMBER THEM FROM ONE DAY TO THE NEXT.


    If any one has suggestions of alternative security products then please let me know.

  • Hello juhurus


    In older versions there were two ways to allow/block apps, in advanced mode.


    The first one was a basic way that set rules only once and of course it was very practical.


    The second one was more specific for each app (IP, port etc.) and unfortunately, this is the only way BD kept for the next versions although many users disagree with that.


    Anyway you can also see this : http://forum.bitdefender.com/index.php?showtopic=36966


    Regards!

  • werby3
    edited January 2013

    Hello,


    Here we are again... I've recently noticed that issue is still here and is not [fad].


    When I run "Adobe CS6 Master Collection" installer there are (at least) 5 rules created without any prompt, with Paranoid ON.


    P S : I've run installer many times with the same result.


    Cheers!!!


  • C:\Program Files\Bitdefender\Bitdefender 2013\settings\firewall\settings.xml


    Here is the firewall configuration file, you could try setting a more aggressive mode. I made sure that I have in autopilot mode, the module operates IDS, and blocking issues alerts. Will need to go into safe mode to edit this file.

  • Hello Rampant,


    THX for your response.


    I've already done some tests modifying those files (there is one more in "settings/default/firewall") with no result.


    This is one more silent stupidity of this excellent piece of sssoftware :P .


    Regards

  • coolcool1227
    coolcool1227 ✭✭✭
    edited January 2013
    C:\Program Files\Bitdefender\Bitdefender 2013\settings\firewall\settings.xml


    Here is the firewall configuration file, you could try setting a more aggressive mode. I made sure that I have in autopilot mode, the module operates IDS, and blocking issues alerts. Will need to go into safe mode to edit this file.


    Hello Rampant,


    THX for your response.


    I've already done some tests modifying those files (there is one more in "settings/default/firewall") with no result.


    This is one more silent stupidity of this excellent piece of sssoftware :P .


    Regards


    I've tested such things since 2011 version but editing those xml files doesn't give the results we need. I agree with werby3.

  • Hello,


    Paranoid mode does not correspond to the description given by Bitdefender!


    We are still waiting for a feedback from Bitdefender.


    Thanks a lot


    Olivier

  • coolcool1227
    coolcool1227 ✭✭✭
    edited January 2013
    Hello,


    Paranoid mode does not correspond to the description given by Bitdefender!


    We are still waiting for a feedback from Bitdefender.


    Thanks a lot


    Olivier


    We are also waiting for re-implementation of such type of very basic and useful features since the release of 2012 version.

  • werby3
    edited February 2013

    ...





    ...


    Running "Magix Sequoia 12" installer, again rules without prompt on installation, with "Parapsychologicoid" ON.


    Even if "Deny" rules had been pre-created (on Win 8 Sec).


    Is it a firewall or a...firework???


    To Be Continued...


  • eugene09
    edited March 2013
    Hello,


    When a service of an application is "automatic started", after (Win7 Ult. 64bit sp1) restart, BDIS 2013 (16.18.0.1406) creates an allowing rule even if "Paranoid" is ON.


    This did not happen in BDIS 2012 and I think this is an issue that should be fixed ASAP.


    Regards


    Hi werby3,


    I'm a new user of BDTS2013 and I found the same issue after the installation today! Then I did some search on google and found this post.


    I agree with your views and I'm disappointed with the so called "Paranoid Mode" too.


    They really should fix this or at least correct the user manual.