- Status
D
Deleted member 2913
Thread author
Options Yes/No for the Poll is not apt. I didn't noticed that time.
Yes/No is little confusing i.e dont know if by Yes users mean good/bad? So better options would be Good/Bad IMO.
Can any Mods please change Poll options to Good/Bad?
Thank You
Yes/No is little confusing i.e dont know if by Yes users mean good/bad? So better options would be Good/Bad IMO.
Can any Mods please change Poll options to Good/Bad?
Thank You
D
Deleted member 178
Thread author
Good for Yes and Bad for No?
Good for No and Bad for Yes?
D
Deleted member 178
Thread author
D
Deleted member 2913
Thread author
I too am confused as to how users voted? Yes they meant Good or Bad?
I guess Yes they meant Good...so replace Yes with Good. And users should be able to change their vote incase Yes they meant Bad.
Thank You
Viewed the results, with the majority of votes on Yes, I changed:Can't you just change the options?
Anyway, as I have Adguard, I blindly let it insert its own certificate.
Yes == Good
No == Bad
Voters can change their vote, if required.
I voted Bad in the poll.
I voted yes/good I use a similar feature from Avast and it is also able to detect whether the website is fake. Even if it does intrude on some of my privacy I will sacrifice a little for the safety on my computer.
Depends if you trust the company doing it.
For example @avatar company can scan my https connections but only when they behave.
For example @avatar company can scan my https connections but only when they behave.
D
Deleted member 2913
Thread author
I too was thinking there should be 1 more option but what that should be?Hey, guys, there should be a "Lesser Evil" option
I dont like SSL/HTTPS scan but the way Adguard uses it kinda acceptable i.e Adguard gives the option to not filter websites with EV certs & by default doesn't filter some HTTPS websites.
I think a 3rd option "Acceptable" would be good.
Can Mods please add the 3rd option "Acceptable"?
And guys please mention your reason for your vote Good/Bad/Acceptable in your post.
I have some idea of what HTTPS and SSL are, but I've never heard of HTTPS/SSL Scanning. Could somebody explain it for me?
Does ESET Smart Security have it? I have simply not yet had time to explore every nook and cranny of the expansive ESET GUI.
Does ESET Smart Security have it? I have simply not yet had time to explore every nook and cranny of the expansive ESET GUI.
D
Deleted member 178
Thread author
last time i used ESET it has it, and install its own certificate for doing it.
This is from Avast FAQ, but the principles are almost the same with other products. You will get a good explanation on how HTTPS scanning works.
Avast FAQ | Avast 2016: FAQ - HTTPS scanning in Web Shield
For me, it has its own advantages and disadvantages. If you are a pro user or an internet surfer that want the fastest connection ever, you may want to disable this ssl scanning features. I have tried Kaspersky Avast ESET Bitdefender, they impact the performance of the internet. But not for all especially if you have fast internet, this web surf experience will impact you lesser than people that have slower internet connection.
For the time being this features might not seems as important or must have feature, but with recently increasing compromised web, in the future, this features might be needed. Right now, im currently disable the ssl scanning. Besides its not perfect as they claimed it is, even some started acting weird like blocking google ssl or some legit website without any causes. But the technical team usually failed to recreate the situation which rarely happened.
For the time being this features might not seems as important or must have feature, but with recently increasing compromised web, in the future, this features might be needed. Right now, im currently disable the ssl scanning. Besides its not perfect as they claimed it is, even some started acting weird like blocking google ssl or some legit website without any causes. But the technical team usually failed to recreate the situation which rarely happened.
Good or bad, depending on situation.
With my Kaspersky Total Security, I have chosen :
- SSL 2.0 blocked
- HTTPS/SSL Scanning enabled if asked by protection module (Bank protection, Kaspersky URL Advisor, Parental control, Private browsing)
With my Kaspersky Total Security, I have chosen :
- SSL 2.0 blocked
- HTTPS/SSL Scanning enabled if asked by protection module (Bank protection, Kaspersky URL Advisor, Parental control, Private browsing)
Disabled. Same reason as You Have HTTPS/SSL Scan Enabled/Disabled?
It’s Not Just Browser Extensions: You Should Disable Other Browser Integrations, Too
"Extensions are just part of the problem. Any form of browser integration can create security holes. After all, that’s the point of encryption–to keep that traffic private. To get around this limitation, some antivirus programs effectively perform a “man-in-the-middle” attack so they can monitor what’s actually going on over an encrypted connection. These work an awful lot like Superfish, replacing certificates with the antivirus’s own. The MalwareBytes blog explained avast!’s behavior here.
This feature is generally just an option in the antivirus program itself, and not part of a browser extension, but it’s worth discussing all the same. For example, Avast’s SSL-interception code contained an easily exploitable security hole that could be used by a malicious server. “At least get an intern to skim your before shipping it,” tweeted Ormandy after discovering the problem. It’s one of those bugs that Avast, a security company, should have caught before shipping it to users.
As he argued in following tweets, this sort of man-in-the-middle code just adds more “attack surface” to the browser, giving malicious sites another way to attack you. Even if the developers of your security program are more careful, features that tamper with your browser are a lot of risk for not much reward. Your browser already contains anti-malware and anti-phishing features, and search engines like Google and Bing already attempt to identify dangerous websites and avoid sending you there."
Indentify Codecs & Technical Information About Video Files
It’s Not Just Browser Extensions: You Should Disable Other Browser Integrations, Too
"Extensions are just part of the problem. Any form of browser integration can create security holes. After all, that’s the point of encryption–to keep that traffic private. To get around this limitation, some antivirus programs effectively perform a “man-in-the-middle” attack so they can monitor what’s actually going on over an encrypted connection. These work an awful lot like Superfish, replacing certificates with the antivirus’s own. The MalwareBytes blog explained avast!’s behavior here.
This feature is generally just an option in the antivirus program itself, and not part of a browser extension, but it’s worth discussing all the same. For example, Avast’s SSL-interception code contained an easily exploitable security hole that could be used by a malicious server. “At least get an intern to skim your before shipping it,” tweeted Ormandy after discovering the problem. It’s one of those bugs that Avast, a security company, should have caught before shipping it to users.
As he argued in following tweets, this sort of man-in-the-middle code just adds more “attack surface” to the browser, giving malicious sites another way to attack you. Even if the developers of your security program are more careful, features that tamper with your browser are a lot of risk for not much reward. Your browser already contains anti-malware and anti-phishing features, and search engines like Google and Bing already attempt to identify dangerous websites and avoid sending you there."
Indentify Codecs & Technical Information About Video Files
- Status
You may also like...
-
The Unkillable King of Recon: Nmap in the Age of Encryption- Started by Divergent
- Replies: 3
-
-
RCE Vulnerability in qBittorrent’s SSL Handling Patched After 14 Years- Started by enaph
- Replies: 0
-
-
