SeriousHoax 87 Posted April 27

I was wondering if ESET has any plans to add support for "Encrypted Client Hello" in the near future? In the latest version of Avast, which was released at the start of this month, they have added support for it. This is from their changelog, and I have also tested and verified it myself in a VM.

Quote:

"Encrypted Client Hello – We've enhanced Web Shield with new support standards, making users' connections safer. HTTPS connections leak information in the TLS ClientHello to the network, notably the hostname of the website being accessed. When supported by the website, ECH allows encrypting this message with a key provided by the server."

Currently ESET and all the AV products (except Avast) that decrypt HTTPS traffic to scan break Encrypted Client Hello. It would be nice if ESET, similar to Avast, started supporting this new privacy standard.

Sites to test Encrypted Client Hello:
https://crypto.cloudflare.com/cdn-cgi/trace/
https://tls-ech.dev/
https://defo.ie/ech-check.php

Administrators Marcos 5,231 Posted April 27

We're currently conducting research on this, so we can't tell if or when ESET will support it.

itman 1,741 Posted April 27

This was discussed in another thread a while back. ESET SSL/TLS protocol scanning busts it. This can be verified using Firefox and performing this test: https://www.cloudflare.com/ssl/encrypted-sni/.

SeriousHoax 87 Posted April 27 Author

13 minutes ago, itman said:

"This was discussed in another thread a while back. Eset SSL/TLS protocol scanning busts it. This can be verified using Firefox and performing this test: https://www.cloudflare.com/ssl/encrypted-sni/ ."

Yeah, that thread is locked, so I couldn't reply there and started this new thread. Since Avast has enabled support for ECH, it means ESET should be able to do so also if they want.