[tor-talk] Kaspersky still interferes with SSL port 443 sites

Joe Btfsplk joebtfsplk at gmx.com
Tue Nov 5 16:59:21 UTC 2013

On 11/2/2013 9:15 AM, freek2023 at yahoo.de wrote:
> Do you use the manual mode if KIS? I also tried that feature, but 
> intransparently catching server certificates definitely messed with my 
> system. This function is imho snakeoil of the highest quality. (Except 
> you use an insecure browser and have no idea how ssl/tls and the x.509 
> certs work.) I want to be able to check certs myself and it's possible 
> that the cert/ssl-design in tor, which uses (afaik randomly 
> generated,) self signed certs, doesn't work with the "validation" KIS 
> conducts.
No - least, don't think so.  Not sure what you mean - manual - in this 
context.  *Could* be some screw up w/ certificate, but as said, w/ 
current settings, KIS doesn't (shouldn't) scan ANY encrypted 
connections.  But KIS could have a problem, that it's not correctly 
using settings that are shown in GUI.  It happens.
>> In the Tor Network map, I can see port 443 try to open, then
>> immediately
>> close when accessing sites using that port.  Until I close / reopen KIS
>> - then problem solved.
> It's just a guess, buy maybe that way you get the proper certificate to your pc.
Thanks, but no idea.  "Normally," stopping / starting KIS - or anything 
like it, wouldn't load or reload a new certificate.
If it's doing that, I'd guess it's a bug.  I posted on Kaspersky forum & 
even long time mods have no idea on this one.

Haven't filed support req w/ Kaspersky - yet, because doubt they support 
KIS & TBB issues; but I'll try.
I'll uncheck all KIS settings for scanning encrypted connections, so it 
*shouldn't* scan any - then see.

More information about the tor-talk mailing list