ESET Insiders TJP 125 Posted April 27, 2015

I found the following on Wilder's (reference: hxxp://www.wilderssecurity.com/threads/how-kaspersky-makes-you-vulnerable-to-the-freak-attack-and-other-ways-antivirus-software-lowers-your.375611/#post-2485713), so full credit to OP Gein. It is worth reading the entire blog; here are some titbits/snippets:

"Kaspersky enables the HTTPS interception by default for sites it considers as especially sensitive, for example banking web pages. Doing that with a known security issue is extremely irresponsible.

I also found a number of other issues. ESET doesn't support TLS 1.2 and therefore uses a less secure encryption algorithm. Avast and ESET don't support OCSP stapling. Kaspersky enables the insecure TLS compression feature that will make a user vulnerable to the CRIME attack. Both Avast and Kaspersky accept nonsensical parameters for Diffie Hellman key exchanges with a size of 8 bit. Avast is especially interesting because it bundles the Google Chrome browser. It installs a browser with advanced HTTPS features and lowers its security right away.

These TLS features are all things that current versions of Chrome and Firefox get right. If you use them in combination with one of these Antivirus applications you lower the security of HTTPS connections.

There's one more interesting thing: It seems all three tested Antiviruses don't intercept traffic when Extended Validation (EV) certificates are used".

Story link: https://blog.hboeck.de/archives/869-How-Kaspersky-makes-you-vulnerable-to-the-FREAK-attack-and-other-ways-Antivirus-software-lowers-your-HTTPS-security.html

rugk 397 Posted April 27, 2015 (edited)

Thanks for sharing. I just wanted to post this too.

So to focus on ESET:

The issue with TLS 1.2 support is known, but it only affects Firefox and will be fixed soon.

The issue with EV certificates not being scanned I can't confirm. Here you can see that it will be scanned:

About Key Pinning (HPKP) and OCSP stapling I think it would be a nice idea if ESET could implement this.

Edited April 27, 2015 by rugk