[tor-talk] Kaspersky still interferes with SSL port 443 sites
Sukhoi
sukhoi47 at gmx.net
Sat Nov 2 19:04:47 UTC 2013
Hi,
Your information is precious.
I am experimenting problems with TorBrowser on the last months.
On most of the web sites I have to reload it 2 to 8 times until it
loads, receiving most of the times messages like this:
--------------------------------
Unable to connect
Firefox can't establish a connection to the server at blog.torproject.org.
--------------------------------
I updated TorBrowser several times in a hope to fix the problem, but
without success.
Now, with your information, I turned off Kaspersky Pure 3.0 and the
problem just gone.
Seems the problem is just with, or at least more frequent, with https
connections, and I see a small probability that HTTPS Everywhere may be
playing a role on the problem.
Hope this is not a NSA attempt to track Tor users by using some built-in
functionality on Kaspersky.
Sukhoi
On 01/11/2013 16:49, Joe Btfsplk wrote:
> Weeks ago I reported problems accessing https Ixquick / Startpage
> search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was
> most (or all) sites using port 443.
> Traced it to some issue with Kaspersky Internet Security 2014 (KIS) &
> its "scan encrypted connections" feature, though never found exact
> problem.
>
> My KIS settings do NOT cause problems in *Fx 24.x,* or any versions
> on secure URLs. It used to not cause problems in TBB.
> Now I've narrowed it to EVERY time TBB is opened, if KIS is closed
> then immediately reopened, the "blocking" port 443 problem *disappears*.
> Blocking is in quotes, cause I really don't know why port 443 is
> immediately closed, just that KIS is involved.
>
> No special messages from TBB (now 2.4.17b2) when SSL pages won't load,
> other than generic "xyz.com has timed out...may be busy..."
> In the Tor Network map, I can see port 443 try to open, then
> immediately close when accessing sites using that port. Until I close
> / reopen KIS - then problem solved.
>
> The issue seemingly has something to do w/ *differences* between TBB
> or processes & *regular Fx,* as the KIS factory default settings for
> "scan encrypted connections" work fine in Fx & port 443 - or any others.
> Besides, I temporarily disabled all KIS port monitoring for 443.
> Didn't change the TBB problem.
>
> AFAIK, the *default* KIS settings are that it's NOT scanning encrypted
> connections, unless you have KIS *parental control* enabled (I don't).
> For some reason, it affects TBB, but seems unlikely the "real" KIS
> default settings are the problem, as just closing / reopening KIS
> solves the TBB issue.
>
> If... TBB had a problem w/ the Kaspersky certificate, closing /
> reopening KIS wouldn't fix that.
>
> I could add TBB, vidalia and Tor.exe to KIS's "do not monitor
> application's activity" and / or "do not scan (this application's)
> network activity" list, but that defeats purpose of having the
> protection.
>
> Could be a weird KIS bug affecting TBB, that stopping / restarting KIS
> somehow fixes it temporarily (consistently). That'd be fairly unusual.
>
> Any thoughts on differences in TBB & Fx that may contribute to this,
> or other suggestions? Thanks.
>
>
More information about the tor-talk
mailing list