[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites



Hi,

Your information is precious.

I am experimenting problems with TorBrowser on the last months.
On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this:

--------------------------------
Unable to connect
Firefox can't establish a connection to the server at blog.torproject.org.
--------------------------------

I updated TorBrowser several times in a hope to fix the problem, but without success.

Now, with your information, I turned off Kaspersky Pure 3.0 and the problem just gone. Seems the problem is just with, or at least more frequent, with https connections, and I see a small probability that HTTPS Everywhere may be playing a role on the problem.

Hope this is not a NSA attempt to track Tor users by using some built-in functionality on Kaspersky.

Sukhoi





On 01/11/2013 16:49, Joe Btfsplk wrote:
Weeks ago I reported problems accessing https Ixquick / Startpage search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (or all) sites using port 443. Traced it to some issue with Kaspersky Internet Security 2014 (KIS) & its "scan encrypted connections" feature, though never found exact problem.

My KIS settings do NOT cause problems in *Fx 24.x,* or any versions on secure URLs. It used to not cause problems in TBB. Now I've narrowed it to EVERY time TBB is opened, if KIS is closed then immediately reopened, the "blocking" port 443 problem *disappears*. Blocking is in quotes, cause I really don't know why port 443 is immediately closed, just that KIS is involved.

No special messages from TBB (now 2.4.17b2) when SSL pages won't load, other than generic "xyz.com has timed out...may be busy..." In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved.

The issue seemingly has something to do w/ *differences* between TBB or processes & *regular Fx,* as the KIS factory default settings for "scan encrypted connections" work fine in Fx & port 443 - or any others. Besides, I temporarily disabled all KIS port monitoring for 443. Didn't change the TBB problem.

AFAIK, the *default* KIS settings are that it's NOT scanning encrypted connections, unless you have KIS *parental control* enabled (I don't). For some reason, it affects TBB, but seems unlikely the "real" KIS default settings are the problem, as just closing / reopening KIS solves the TBB issue.

If... TBB had a problem w/ the Kaspersky certificate, closing / reopening KIS wouldn't fix that.

I could add TBB, vidalia and Tor.exe to KIS's "do not monitor application's activity" and / or "do not scan (this application's) network activity" list, but that defeats purpose of having the protection.

Could be a weird KIS bug affecting TBB, that stopping / restarting KIS somehow fixes it temporarily (consistently). That'd be fairly unusual.

Any thoughts on differences in TBB & Fx that may contribute to this, or other suggestions? Thanks.



--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk