[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites



On 11/2/2013 9:15 AM, freek2023@xxxxxxxx wrote:
Do you use the manual mode if KIS? I also tried that feature, but intransparently catching server certificates definitely messed with my system. This function is imho snakeoil of the highest quality. (Except you use an insecure browser and have no idea how ssl/tls and the x.509 certs work.) I want to be able to check certs myself and it's possible that the cert/ssl-design in tor, which uses (afaik randomly generated,) self signed certs, doesn't work with the "validation" KIS conducts.
No - least, don't think so. Not sure what you mean - manual - in this context. *Could* be some screw up w/ certificate, but as said, w/ current settings, KIS doesn't (shouldn't) scan ANY encrypted connections. But KIS could have a problem, that it's not correctly using settings that are shown in GUI. It happens.
In the Tor Network map, I can see port 443 try to open, then
immediately
close when accessing sites using that port.  Until I close / reopen KIS

- then problem solved.
It's just a guess, buy maybe that way you get the proper certificate to your pc.

Thanks, but no idea. "Normally," stopping / starting KIS - or anything like it, wouldn't load or reload a new certificate. If it's doing that, I'd guess it's a bug. I posted on Kaspersky forum & even long time mods have no idea on this one.

Haven't filed support req w/ Kaspersky - yet, because doubt they support KIS & TBB issues; but I'll try. I'll uncheck all KIS settings for scanning encrypted connections, so it *shouldn't* scan any - then see.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk