Status
Not open for further replies.
5

509322

The problem is for Google to fix, which has fixed and broken over multiple updates.
Google Chrome engineers have argued for years that security softs injecting into their processes, MitM and breaking browser protections and other issues is a problem they are not required to fix.

And the issue isn't limited to Chrome. Firefox engineers have been known to express the same sentiment.
 

Local Host

Level 18
Verified
HTTPS scanning is cruical feature? I have more chanse to get infected if my security product doesn't scan HTTPS traffic?
Kaspersky can still block the threats locally, with HTTPS scanning ON the malware won't reach anywhere near your computer (as the page will be blocked).
 
  • Like
Reactions: Berny
E

Eddie Morra

Kaspersky can still block the threats locally, with HTTPS scanning ON the malware won't reach anywhere near your computer (as the page will be blocked).
Web-based scanning can block threats which won't be necessarily blocked by the other protection components. Pages with malicious downloads may be blocked through heuristic analysis/black-listing even if the download on the page itself would not be blocked once downloaded on the environment.

Web-based scanning also covers other areas... like phishing.

If you want to make the most out of Kaspersky's web protection feature/s, you'll want the HTTPS scanning enabled. It's a tricky one though, because enabling the HTTPS scanning will cause tampering with the SSL certificates (so Kaspersky can decrypt the HTTPS traffic for more thorough scanning), and the feature is bugged for some on this thread.
 

Gandalf_The_Grey

Level 21
Verified
The problem is resolved according to me and Kaspersky Lab Technical Support:
Dear customer,

Thank you for your continued support. My apologies for the delayed response.

Our Escalation Team have just replied to us with the following information.

The problem solution should have been installed with the fresh database and program modules update the 18th October, in the evening. It required to restart your PC so the changes could have been applied. Apparently, that's why the bug is not reproduced anymore.

Thanks for your time and consideration. Have a good day.
 

Gandalf_The_Grey

Level 21
Verified
Web-based scanning can block threats which won't be necessarily blocked by the other protection components. Pages with malicious downloads may be blocked through heuristic analysis/black-listing even if the download on the page itself would not be blocked once downloaded on the environment.

Web-based scanning also covers other areas... like phishing.

If you want to make the most out of Kaspersky's web protection feature/s, you'll want the HTTPS scanning enabled. It's a tricky one though, because enabling the HTTPS scanning will cause tampering with the SSL certificates (so Kaspersky can decrypt the HTTPS traffic for more thorough scanning), and the feature is bugged for some on this thread.
I've changed the setting in Kaspersky to not scan connections with an EV-certificate:

EV-certificate.png

That way most encrypted connections are scanned, but (for example) the site of my bank is left alone.
I hope/think that's the best compromise.
 
Status
Not open for further replies.