[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Kaspersky still interferes with SSL port 443 sites

To: Tor-Talk <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] Kaspersky still interferes with SSL port 443 sites
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Fri, 01 Nov 2013 13:49:20 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 01 Nov 2013 14:56:23 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0

Weeks ago I reported problems accessing https Ixquick / Startpage searchsites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (orall) sites using port 443.Traced it to some issue with Kaspersky Internet Security 2014 (KIS) &its "scan encrypted connections" feature, though never found exact problem.

My KIS settings do NOT cause problems in *Fx 24.x,* or any versions onsecure URLs. It used to not cause problems in TBB.Now I've narrowed it to EVERY time TBB is opened, if KIS is closed thenimmediately reopened, the "blocking" port 443 problem *disappears*.Blocking is in quotes, cause I really don't know why port 443 isimmediately closed, just that KIS is involved.

No special messages from TBB (now 2.4.17b2) when SSL pages won't load,other than generic "xyz.com has timed out...may be busy..."In the Tor Network map, I can see port 443 try to open, then immediatelyclose when accessing sites using that port. Until I close / reopen KIS- then problem solved.

The issue seemingly has something to do w/ *differences* between TBB orprocesses & *regular Fx,* as the KIS factory default settings for "scanencrypted connections" work fine in Fx & port 443 - or any others.Besides, I temporarily disabled all KIS port monitoring for 443. Didn'tchange the TBB problem.

AFAIK, the *default* KIS settings are that it's NOT scanning encryptedconnections, unless you have KIS *parental control* enabled (I don't).For some reason, it affects TBB, but seems unlikely the "real" KISdefault settings are the problem, as just closing / reopening KIS solvesthe TBB issue.

If... TBB had a problem w/ the Kaspersky certificate, closing /reopening KIS wouldn't fix that.

I could add TBB, vidalia and Tor.exe to KIS's "do not monitorapplication's activity" and / or "do not scan (this application's)network activity" list, but that defeats purpose of having the protection.

Could be a weird KIS bug affecting TBB, that stopping / restarting KISsomehow fixes it temporarily (consistently). That'd be fairly unusual.

Any thoughts on differences in TBB & Fx that may contribute to this, orother suggestions? Thanks.



--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
  - From: freek2023@xxxxxxxx
- Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
  - From: Moritz Bartl
- Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
  - From: Sukhoi

Prev by Author: Re: [tor-talk] Cables Secure Anonymous Communications
Next by Author: Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
Previous by thread: [tor-talk] Regarding Proxy-Magic (Onion-Clearnet mapping)
Next by thread: Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
Index(es):
- Author
- Thread