Question Kaspersky without HTTPS Scanning - Still safe?

Please provide comments and solutions that are helpful to the author of this topic.

C

cofer123

Level 3
Thread author
Sep 7, 2021
102
One of the main "issues" I have had with Kaspersky is that it always slows down page loading. It's a small difference, but noticeable, and sometimes even annoying, since page loading doesn't behave as snappy as with Defender or Eset. However, after recently experimenting with HTTPS scanning disabled, Kaspersky behaves just as fast as if it wasn't there.

But what is the cost of having that disabled? Can other of Kaspersky's modules make up for losing that layer of defense? Anyone has experimented this before?
 
  • Like
Reactions: vtqhtr413, JB007, ForgottenSeer 100397 and 4 others
C

cofer123

Level 3
Thread author
Sep 7, 2021
102
oldschool said:
I don't use K but you should be fine disabling HTTPS scanning. A number of K users on MT disable that setting. Make sure you use an ad blocker and your browsers phishing protection, e.g. Safe Browsing, Smartscreen, etc.
Click to expand...
Thanks. Firefox + uBlock Origin since forever here, so it should be good.

I've also noticed I can set trusted addresses, apparently disabling connection scans for those domains. I will run some tests to check if I can still keep the performance boost for my most visited sites while having scanning working for everything else.
 
  • Like
Reactions: JB007, roger_m, Nevi and 7 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,636
This browsing speed slow-down is the reason why I can never settle on Kaspersky and I also prefer not to disable a product's core protection feature. Without it Kaspersky would miss infected javascripts, infected html, malicious redirects, etc. Sometimes, some remnants can even remain on browser cache without detection. But of course if you don't visit suspicious sites, then that's not a problem. If you do online shopping then you should enable it when you do because lately seeing a lot of smaller shopping sites getting infected via stealer malware that can't be detected without the HTTPS scanning feature.
 
  • Like
  • +Reputation
  • Applause
Reactions: Azazel, vtqhtr413, Virtuoso and 15 others
C

cofer123

Level 3
Thread author
Sep 7, 2021
102
I've ran some tests with trusted addresses and it works as expected.

This is what YouTube looks like with default settings on Firefox:
1699386849630.png


And after adding it as a Trusted Address in Kaspersky:
1699386796474.png


The MITM scanning doesn't even trigger for these sites, and the speed difference is there. Pages open fast and are snappy as if HTTPS scanning was disabled globally.

Now going a bit off-topic, but does anyone know if this degree of control is also possible on Eset? I've written a review a few months ago where I reported issues with some sites randomly breaking layout/images, and lately I've identified that it's because of its HTTPS scanner. I've tried adding addresses to Eset's excluded content scan list, but it still seems to MITM connections and change certificates.
 
Last edited:
  • Like
  • +Reputation
Reactions: Virtuoso, JB007, roger_m and 8 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
IMO, it is safe to turn off HTTPS scanning.

For reference, Need Advice - Does Windows Defender does HTTPS scanning?
Not to forget the billions of phone devices without any sort of HTTPS scanning interference.

Browsers are very secure these days, and include a few passive features such as Google Safe Browsing. The rest of things are easy to maintain:
  • Keep your OS up-to-date
  • Regular checks on Browser updates (preferably latest stable builds)
  • Must use a content-blocker (ie. AdGuard Ad-Blocker, uBlock Origin)
  • Optional use of security extensions (ie. Malwarebytes Browser Guard) -- if compatible.
  • Optional use of DNS-based content filtering (ie. NextDNS)
 
  • Like
  • +Reputation
Reactions: vtqhtr413, JB007, roger_m and 8 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,636
cofer123 said:
Now going a bit off-topic, but does anyone know if this degree of control is also possible on Eset?
Click to expand...
Yes, it's possible. For Kaspersky and other products, adding sites to trusted list means that it won't block the site even if it's malware as well as not do HTTPS scanning. But if I remember correctly, for ESET you can do the above while there's also an option to make ESET not decrypt HTTPS traffic for specific sites without putting them to whitelist. That's how to do it.
1699437866932.gif
 
  • Like
  • +Reputation
Reactions: vtqhtr413, JB007, simmerskool and 8 others
C

cofer123

Level 3
Thread author
Sep 7, 2021
102
SeriousHoax said:
Yes, it's possible. For Kaspersky and other products, adding sites to trusted list means that it won't block the site even if it's malware as well as not do HTTPS scanning. But if I remember correctly, for ESET you can do the above while there's also an option to make ESET not decrypt HTTPS traffic for specific sites without putting them to whitelist. That's how to do it.
View attachment 279607
Click to expand...
Thanks, that's what I was looking for.
 
  • Like
Reactions: vtqhtr413, JB007, SeriousHoax and 2 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,636
harlan4096 said:
In Kaspersky, You can only exclude sites only for HTTPS:

View attachment 279608
Click to expand...
This puts them on whitelist/trusted list resulting in not dong HTTPS scanning also as a bonus. It's different from what I showed above for ESET that exclude sites from HTTPS scanning only (decrypt the connection to scan website content) without putting them into trusted/whitelist.
 
  • Like
Reactions: vtqhtr413, micasayyo, JB007 and 5 others
harlan4096

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,672
Hum I'm not sure, it's a separated list of Trusted URLs in module Safe Browsing...

1699696197685.png


1699696160232.png

If You add one URL in one of the those lists, did not appear in the other...

Also, when You add a full URL in 1st one (Encrypted connections), automatically it only adds main domain, not the full URL as it does Safe Browsing Trusted URLs option.

I guess not exactly the same...🤔
 
  • Like
  • +Reputation
Reactions: vtqhtr413, Virtuoso, JB007 and 6 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,460
cofer123 said:
One of the main "issues" I have had with Kaspersky is that it always slows down page loading. It's a small difference, but noticeable, and sometimes even annoying, since page loading doesn't behave as snappy as with Defender or Eset. However, after recently experimenting with HTTPS scanning disabled, Kaspersky behaves just as fast as if it wasn't there.

But what is the cost of having that disabled? Can other of Kaspersky's modules make up for losing that layer of defense? Anyone has experimented this before?
Click to expand...
Disabling HTTPS scanning in Kaspersky can improve page loading speed, as you have observed. However, it is important to understand the potential consequences of disabling this feature.

HTTPS scanning is designed to inspect encrypted connections for potential threats or malicious content. By disabling it, you may be limiting Kaspersky's ability to detect certain types of malware or protect against phishing attacks that are transmitted over encrypted connections.

While other modules in Kaspersky's security suite can provide additional layers of defense, such as real-time scanning, firewall protection, and behavior monitoring, it is worth noting that HTTPS scanning adds an extra level of security.

Ultimately, the decision to disable HTTPS scanning should be based on your individual risk tolerance and the importance you place on page loading speed versus enhanced security. If you engage in safe browsing practices and visit trusted websites, the risk may be minimal. However, if you frequently visit unfamiliar or potentially risky websites, it may be advisable to keep HTTPS scanning enabled for enhanced protection.
 
  • Applause
Reactions: vtqhtr413
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,636
harlan4096 said:
Hum I'm not sure, it's a separated list of Trusted URLs in module Safe Browsing...

View attachment 279669

View attachment 279668

If You add one URL in one of the those lists, did not appear in the other...

Also, when You add a full URL in 1st one (Encrypted connections), automatically it only adds main domain, not the full URL as it does Safe Browsing Trusted URLs option.

I guess not exactly the same...🤔
Click to expand...
I just did a test, and they are different indeed. I was only partially right.

1) The Trusted Address option in the network settings put the sites completely in whitelist so, No detection even if malware + No HTTPS scanning. If you check the website's certificate, then it's not Kaspersky, it's the actual certificate used by the site. This is equivalent to ESET's whitelist option.

2) The option "Do not scan web traffic from trusted URLs" available in Safe Browsing option means, No detection even if it's malware + HTTPS scanning. So Kaspersky still decrypt the connection to scan. If you check the website's certificate, then it's Kaspersky's. It is kind of equivalent to ESET's "Found malware is ignored" option. With this option, you would still have the performance impact caused by HTTPS scanning. Without going into full details, ESET's equivalent option more useful, capable and makes more sense than this one.

So still what I initially said is not seems to be present in Kaspersky that is present in ESET and that is only ignore HTTPS scanning but still block the site if available on their blacklist. So Kaspersky has two ways to whitelist, ESET has three, and ESET's number 2 is more useful than Kaspersky's number 2. I can explain why if required in another topic/comment.
 
  • Like
  • +Reputation
  • Applause
Reactions: vtqhtr413, Nevi, brambedkar59 and 5 others
Virtuoso

Virtuoso

Level 3
Feb 21, 2022
100
SeriousHoax said:
This browsing speed slow-down is the reason why I can never settle on Kaspersky and I also prefer not to disable a product's core protection feature. Without it Kaspersky would miss infected javascripts, infected html, malicious redirects, etc. Sometimes, some remnants can even remain on browser cache without detection. But of course if you don't visit suspicious sites, then that's not a problem. If you do online shopping then you should enable it when you do because lately seeing a lot of smaller shopping sites getting infected via stealer malware that can't be detected without the HTTPS scanning feature.
Click to expand...

How about selecting the middle option: "Scan encrypted connections upon request from protection components." Maybe this will resolve the problem.
 
  • Like
Reactions: vtqhtr413

Similar threads

Nightwalker
    • Like
Advice Request Kaspersky Plus without Unlimited VPN
Replies
8
Views
1,389
Kaspersky
Dave Russo
Dave Russo
Trident
    • Like
    • Hundred Points
    • +Reputation
New Update Prevention-First Kaspersky
Replies
30
Views
4,460
Kaspersky
Xeno1234
Xeno1234
Ink
    • Like
    • Applause
    • +Reputation
New Update Manjaro 23 'Uranos' released
Replies
0
Views
386
ChromeOS & Linux
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top