howardagoldberg 13 Posted August 29, 2019 Share Posted August 29, 2019 I came across this article today via "Ask Woody" ... https://textslashplain.com/2019/08/11/spying-on-https/ The article specifically calls out AVAST, and I have not seen this warning in Chrome or other browsers (on the stable/release channel) using ESET. Can any of ESET's staff can comment on how ESET monitors HTTPS traffic, and if the 'issue' with AVAST is something ESET users need to be aware of vis-a-vis browser warnings/compatibility? Again, I've encountered no issues on this front ... I am simply curious! 🙂 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,920 Posted August 29, 2019 Administrators Share Posted August 29, 2019 We intercept network communication, decrypt the SSL communication (not all SSL communication) and encrypt it again after scanning. It's done in a safely manner; if there was a risk of data leak, we wouldn't do it. howardagoldberg 1 Link to comment Share on other sites More sharing options...
howardagoldberg 13 Posted August 29, 2019 Author Share Posted August 29, 2019 41 minutes ago, Marcos said: We intercept network communication, decrypt the SSL communication (not all SSL communication) and encrypt it again after scanning. It's done in a safely manner; if there was a risk of data leak, we wouldn't do it. How does that compare to AVAST's method? Link to comment Share on other sites More sharing options...
itman 1,630 Posted August 29, 2019 Share Posted August 29, 2019 Interesting article. I checked the environment variables for FireFox; I don't use Chrome, and Eset does not use or need to use this baloney. Both Avast and Kaspersky were having issues with use of their root CA certificates in Chrome a while back to decrypt SSL/TLS traffic. Appears this is Avast's solution to the problem and a very insecure one at that. howardagoldberg 1 Link to comment Share on other sites More sharing options...
itman 1,630 Posted August 29, 2019 Share Posted August 29, 2019 This is also worth a read and very much indicates that what Avast/AVG is doing is something Google doesn't approve of: Quote Chromium team wants users to aware of this variable set in the Chrome browser. Apparently, the team expresses concern this variable has already been used by bad actors and thus, added SSL key log file to bad flags. https://techdows.com/2019/08/chrome-you-are-using-an-unsupported-environment-variable-sslkeylogfile.html howardagoldberg 1 Link to comment Share on other sites More sharing options...
Recommended Posts