Webroot Filtering Extension (Chrome) no more Green Padlocks

  • 25 October 2013
  • 80 replies
  • 899 views

Userlevel 3
Enabling Webroot Filtering Extension causes safe "green padlock" sites to report a message that states "this page includes other resources that are not secure".  This image should explain everything.
 


80 replies

Userlevel 5
@ wrote:
I have, and it made no difference. I couldn't see any other settings that would relate, though I did try also unchecking the "Automatically protect new browsers" setting too. Again (and as expected) that made no difference either.

So now I'm curious---with the extension disabled, is Webroot able to do anything to protect my computer, or that an integral piece of the puzzle?
The web filtering extension is important to protection and I would strongly recommend leaving it enabled. The Chrome warnings are superficial and not indicative of any underlying problem with the websites you're visiting. I'll have the team look into what we could possibly do to avoid this but it is due to how Chrome's sandbox works and how plugins are forced to integrate with websites so there may not be a workaround available.
Userlevel 5
@ wrote:
@ wrote:The web filtering extension is important to protection and I would strongly recommend leaving it enabled. The Chrome warnings are superficial and not indicative of any underlying problem with the websites you're visiting. I'll have the team look into what we could possibly do to avoid this but it is due to how Chrome's sandbox works and how plugins are forced to integrate with websites so there may not be a workaround available.

From my perspective, this extension is hurting users more than helping.  I have a bona fide secure website (optilegra.com), and could not place a higher emphasis on security... yet...
 
1) The Webroot Filtering extension lists it as only "yellow" in google (even though I'm listed as "green" at brightcloud.com... the website I was told that generates the colors for the website in the google listing)
 
and
 
2) The padlock on my website isn't green.
 
That's TWO false negatives regarding my website, that occur for unrelated reasons.  The extension lies to users about the actual security level of my business.
 
I like the webroot software on my computer, but (as of right now) this extension is garbage and possibly costing me business.  I mean, that's always a fun phone call to take... "Hey I went to the website on your business card, but my antivirus programs says you aren't safe..."
 
Fix this.  
 
Now.
 
Or please disable it for all your users until you stop lying about a secure website being insecure.
 
Kind regards,
David
 
Hi David,
To your point #1 - this can be corrected by contacting our support team to have them adjust the rating on your website.
 
#2: I appreciate the concern, but it isn't Webroot which is saying that secure websites are insecure. Google has a limitation in their ability to discern content types and there are several other companies in similar situations as evidenced by the Chromium developer blogs.
 
I've spoken with the team and it won't be caused solely by the search result annotation so that change will not correct it. At this point, there is no workaround - the change would need to occur within Chrome to better identify content types and connections, as it affects other software much more broadly than just Webroot.
Userlevel 7
@_GoSpursGo wrote:
Hey guys, I was just able to replicate what he is talking about. This is without the filtering extension enabled. Notice that the padlock in the address bar is completely green.With the filtering extension enabled the padlock is still there but it says that "there are some unecrypted elements" in the webpage and show it turns yellow:
 
Is this what you are talking about?
Hi Evan...that is all correct and as a reminder Joe explained it all in this previous post in this thread...and currently there appears to be no workaround...but as I said in my previous post...the view from the experts was, I believe, that WSA provides as good if not better protection of the browser, etc., then Chrome's own protection...so there is no danger in not having the green padlock on...at least that is how I understand it and I have not suffered as a result.
 
Regards
 
 
 
 
Baldrick
Userlevel 3
Thanks everyone.  I just posted this issue in the ideas forum.
 
Could you all please visit this link and Kudos the issue to bring it to Webroot's attention?
 
https://community.webroot.com/t5/Ideas-Exchange/Bug-fix-for-Webroot-Filtering-Extension-on-Google-Chrome/idi-p/121588
 
 
Thanks again, and sorry I was being so negative.  I was quite frustrated at what I had assumed were company responses to the problem.
 
Kind regards,
David
 
Userlevel 5
This is an unavoidable behavior because Webroot changes the content of search result pages by injecting content into them for the search result annotation. This will happen with any product analyzing search pages (unless they're lying to Chrome) but it doesn't affect performance or the behavior of Chrome.
 
Let me know if you have any questions!
Userlevel 7
Badge +56
@ wrote:
Hi manight
 
Unfortunately you cannot post images until you have reached a certain number of posts.  But I believe that you can include a link to a picture hosting site where you have placed the image...or just post a bit more and then come back to this thread...;)
 
Regards
 
 
 
Baldrick
I've actually updated the permissions to allow image posting by new members, but they go into an approval queue first to make sure they are ok.
Userlevel 7
Hi manight
 
The reason for the behaviour you are referring to has been discussed at length earlier in this thread and at present there is no work around or solution.  Having said that with WSA fully switched on it provides better protection of the browser than Chrome's own functionality...and therefore I now ignore the fact that there is no green padlock in the address bar in Chrome.  To date I have not yet been compromised by a browser-related attack.
 
 
Just my thoughts on the subject...for what they are worth.
 
Regards
 
 
 
 Baldrick
Userlevel 7
Badge +56
Okay I see whats going on as I disabled the Web Filtering Extension and the green Padlock reappears so as Solly said above is true!
 
Daniel  ;)
 

Userlevel 7
Hey guys, I was just able to replicate what he is talking about. This is without the filtering extension enabled. Notice that the padlock in the address bar is completely green.

With the filtering extension enabled the padlock is still there but it says that "there are some unecrypted elements" in the webpage and show it turns yellow:


Is this what you are talking about?
Userlevel 7
Seriously, file a Trouble Ticket...that will update Support with the any new info and get the issue re-reviewed.  We are not Product Dev's here....we are volunteers.
 
TH gets Kudo for attempting to explain as it has been explained by the Dev's in the past.  He gets Kudo's for making sure exactly what the issue at hand is.  He gets Kudo's for the correct reply in the end that a Trouble Ticket would be appropriate at this time.
Userlevel 7
Badge +56
@ wrote:

Okay we are not getting anywhere so it's best to contact the support inbox and to speak to one of the fine folks from Webroot!
 
Cheers,
 
Daniel ;)
I did that. 8 months ago.
 
I pursued this through every avenue Webroot had when i first noticed it. Your response is typical of the kind of help i received.
 
(Seriously why is TripleHelix constantly getting kudos? He hasn't said or done anything that helps resolve this issue...)
 
Kind regards,
David
Why Kudos really? I'm a Volunteer like most of us in here we do our best but we don't develop WSA so who should you be talking to about this big issue? And yes I don't have an issue with this as my Browser is Firefox 99.9% of the time and the extension is built on BrightCloud http://www.brightcloud.com/platform/webroot-intelligence-network.php so even though I have Chrome the Web Shield will block bad sites so what is there to worry about? Never mind don't answer that!
 
Thanks,
 
leinaD
Userlevel 7
Badge +62
Hello all you guys...uhm I've stayed out of this post today but have been following it and have learned a lot of good things...don't make me copy and paste them...But as a team member of Webroot Community Forum I will Kudo TH and DavidP1970 and all who conversed in this very conflicting post trying to help all of you with your issues.

We are not Developers...We are volunteers to help trouble shoot and help others!

Regards,
Yrrehs
Userlevel 7
I already did.  Good post over there!
Userlevel 7
Badge
This is an unacceptable issue that Webroot needs to address immediately. It prevents users from verifying the security of their web sessions as they are taught to do.
Userlevel 5
@ wrote:
Hi Joe,
 
So this is a Chrome issue and are Firefox & IE affected by this as I don't use Chrome?
 
Thanks,
 
Daniel ;)
 
Correct, this is only going to happen on Chrome (partly due to their sandboxing).
Userlevel 5
@ wrote:
@   And there is no possible work around now and how about for the future? Just in case someone asks!
 
Thanks,
 
Daniel ;)
 
At the moment, Chrome does not have any workaround available for it. I'm checking if we could limit it to only search result pages (from the posts it sounds like it's happening on other pages as well - can someone confirm?)
 
Thanks!
Userlevel 7
Badge +56
Hello and sorry as I didn't read the whole thread can you make sure your Browsers show here and are under protect?
 
Thanks,
 
Daniel 😉
Userlevel 7
Hi manight
 
OK, got you...and in fact as a result was going to recomend what Daniel just advised...but he beat me to it...again...;)
Userlevel 7
Badge +56
The program that you use for coding on Identity Shield add the main EXE to the list but under Allow and re-enable the ID Shield protection and see if that helps?
 
Daniel 
Userlevel 7
Hey Daniel, I didn't see yours until I posted mine. Looks like we were going the same place with the screenshots though 😃
Userlevel 7
Badge +56
Yeppers! 😉
Userlevel 7
Badge +56
That's why I never caught on as I never used Chrome till about 6 months ago I did just to help support it so even I learn new things everyday!
 
Daniel 😃
Userlevel 7
Badge +56
@ wrote:
I first brought this issue to Webroot's attention 8 months ago.  They still have not owned this issue. Their extension still makes people wonder if my website is safe.
 
Acceptable responses from Webroot:
- fix the problem
- remove the part of the extension that is causing the problem (perhaps put that part into a second, separate extension that can be optionally enabled)
- add a note to the gray padlock for safe sites (like mine) explaining that the website is actually safe
- upon the extension being enabled (and whenever a browser is launched) make a splash page that educates the user about how they will never see green padlocks again and why (user can disable the splash page in preferences)
- do an update that force-disables the extension until it's repaired
 
What's not acceptable is leaving this issue alone and just making dubious forum responses that "you're safer with this enabled". That does nothing to educate the vast majority of users.
Well I would say what Joe did and say you are safer with the Extension enabled!
 
Daniel
Userlevel 7
Badge +56
@ wrote:
TripleHelix wrote:
Well I would say what Joe did and say you are safer with the Extension enabled!
 
Daniel
1) That is not the point. The point is that uninformed users (which would be all Webroot users not reading this thread) think my website is unsafe and Webroot has done nothing to educate them or help them understand that it is their product that makes my site look unsafe.
 
2) Prove that it's safer. When a product throws up false-negatives indiscriminately, and the company is ok with that behavior, I'm skeptical of the kind of protection they offer...
Okay we are not getting anywhere so it's best to contact the support inbox and to speak to one of the fine folks from Webroot!
 
Cheers,
 
Daniel 😉
Userlevel 7
Support referred you to create a post in the Ideas section of the Community.  Have you done so?  They did not suggest to move the discussion from Support to the Community for discussion in general or for technical help: the Ideas area is specifically for requests to add or change product features.  You can find it HERE.
 
@ , Can you take a look to see if any new or updated Trouble Ticket has been filed for this by the member above? 
 
 

Reply