How Avast’s HTTPS scanning feature works

Do you find the Avast Https scanning feature useful ?

  • Yes

    Votes: 3 50.0%
  • No

    Votes: 2 33.3%
  • It's useful, but I don't like it

    Votes: 1 16.7%

  • Total voters
    6
Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Internet users with basic security knowledge are aware that they should look for the padlock icon in the address bar or the HTTPS in a web address to indicate that a website is secure. We have gotten used to seeing it on bank sites or shopping carts where we input our credit card information. More and more, regular websites are making the switch from unencrypted HTTP to encrypted HTTPS. Last year, search giant Google sweetened the pot by adding HTTPS to their ranking algorithm. That action encouraged webmasters everywhere to make the switch to HTTPS.

But is HTTPS really more secure than HTTP?
The simple answer is not always. As more and more online services are moving to HTTPS, attacks are increasing. An encrypted connection ensures that the connection cannot be modified by anyone else, but it does not guarantee that the actual content being downloaded is safe. Just as with plain HTTP, if a legitimate website is hacked, malware scripts and binaries can be placed into the HTTPS page that appears to be safe.

That’s why it is imperative for security software to check this attack vector. To address this, Avast’s trusted Web Shield technology scans HTTPS sites for malware and threats.

How Avast’s HTTPS scanning feature works (the short version)
Avast is able to detect and decrypt TLS/SSL protected traffic in our Web-content filtering component. To detect malware and threats on HTTPS sites, Avast must remove the SSL certificate and add its self-generated certificate. Our certificates are digitally signed by Avast’s trusted root authority and added into the root certificate store in Windows and in major browsers to protect against threats coming over HTTPS; traffic that otherwise could not be detected.

Avast whitelists websites if we learn that they don’t accept our certificate. Users can also whitelist sites manually, so that the HTTPS scanning does not slow access to the site.

This video gives you an overview, but if any of this didn‘t make much sense to you, read below for a more detailed explanation. You can also explore the FAQ about HTTPS scanning in Web Shield.


Read more: https://blog.avast.com/2015/05/25/explaining-avasts-https-scanning-feature/
 

comfortablynumb15

Level 7
Verified
May 11, 2015
326
Thanks for this, very helpful. That may be the one thing I still like about Avast, is its web protection. In my experience, it's very reliable.
 
Y

yigido

I do not like this kind of feature(!)...
The primary issue concerning experts is that Superfish replaced SSL certificates..
What about PrivDog, the same! What Avast does here?? Avast puts its their certificate.
Whats the difference between these examples? I see no difference. Replacing SSL certificates is a significant security issue.
I called this case "Avast In The Mıddle Attack"...
Did you remember what Avast did its users with their browser extension? They track the users with it. But this time, the problem is bigger than this, but people use https scanning! Because Avast called it security and they give the feature enabled by default.
but I am angry the industry and the people who believe them without a question.
People can "stone" which company they want. They stoned the Privdog in the same case but they like Avast HTTPS Scanning feature(!)
It is just strange for me
 

Cch123

Level 7
Verified
May 6, 2014
335
I do not like this kind of feature(!)...
The primary issue concerning experts is that Superfish replaced SSL certificates..
What about PrivDog, the same! What Avast does here?? Avast puts its their certificate.
Whats the difference between these examples? I see no difference. Replacing SSL certificates is a significant security issue.
I called this case "Avast In The Mıddle Attack"...
Did you remember what Avast did its users with their browser extension? They track the users with it. But this time, the problem is bigger than this, but people use https scanning! Because Avast called it security and they give the feature enabled by default.
but I am angry the industry and the people who believe them without a question.
People can "stone" which company they want. They stoned the Privdog in the same case but they like Avast HTTPS Scanning feature(!)
It is just strange for me

The difference is the lousy implementation by Privdog.

FYI, the practice of installing SSL certificates is an industry wide practice by the security industry since its the only way of scanning HTTPS traffic. Kaspersky, ESET, Avast, Comodo...are all doing it.
 
Y

yigido

The difference is the lousy implementation by Privdog.

FYI, the practice of installing SSL certificates is an industry wide practice by the security industry since its the only way of scanning HTTPS traffic. Kaspersky, ESET, Avast, Comodo...are all doing it.
True, I am against all as I said. All vendors do this but people and industry they blame the only one! I am also against this.
 
  • Like
Reactions: frogboy

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Well it can be really useful but still even in FAQ of Avast admits that if a webpage hacked from HTTPS then it does not guaranteed the protection capabilities, as first it will verify the certificate so its already a loophole when something went mess on the website.

Second, mistakes may happen where for some reason fraudulent websites may put clever trick to make certificate trusted so Avast will check based on Windows Certificate Store and again another loophole. Unless there web shield primarily blocks it.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top