rule ignored in update cases


It seems that when you update the parent of an opened program and then use that program, the warning that “the cryptographic signature has changed” ignores completely the checkmarks that says not to bother again.

Example: Miranda IM was the parent of my browser Opera. I updated Miranda (to the next beta) while keeping Opera opened, and then checked my email. As expected, I got the cryptographic warning and checked it not to be bothered again, but I still got literally 5 warnings per email, and since I got about 20 emails, you can imagine that this can’t be a “feature”, it’s obviously broken, because noone should have to click a 100 times to get anything.

Only solution: exit Opera and run it again. Then, everything is fine.

version: - security level: very low
plenty of everything.

I can see how that would be frustrating. If you check “Remember” and Allow, then you expect it to go away.

This is an aspect of Application Behavior Analysis, and will probably trigger than parent change alert every time. As I try to work thru it logically, here’s what I find:

On other ABA alerts, if you select “Remember” you shouldn’t see the alert again for that combination of events (which will depend to some extent on the Alert Frequency - shouldn’t matter on yours, set at Very Low).

However, for the parent/signature alert, I can see why it would still pop you on it…

Once the parent has updated, it’s no longer the same parent. The name may be the same, but the file is changed. So the “Remember,” which applied to the old version of the file, is no longer valid, since the new version is not technically the same file to apply the “Remember” to. Confused? It’s kinda running a tight circle…

Several users that develop software have complained about this, as there doesn’t seem to be a way around it, and they don’t want to have to approve it every time they change it (which can be quite a lot). The dev team is aware of it. Hopefully version 3 will be quieter…



Thanks for your prompt reply.