[tor-talk] Kaspersky still interferes with SSL port 443 sites
joebtfsplk at gmx.com
Tue Nov 5 16:59:21 UTC 2013
On 11/2/2013 9:15 AM, freek2023 at yahoo.de wrote:
> Do you use the manual mode if KIS? I also tried that feature, but
> intransparently catching server certificates definitely messed with my
> system. This function is imho snakeoil of the highest quality. (Except
> you use an insecure browser and have no idea how ssl/tls and the x.509
> certs work.) I want to be able to check certs myself and it's possible
> that the cert/ssl-design in tor, which uses (afaik randomly
> generated,) self signed certs, doesn't work with the "validation" KIS
No - least, don't think so. Not sure what you mean - manual - in this
context. *Could* be some screw up w/ certificate, but as said, w/
current settings, KIS doesn't (shouldn't) scan ANY encrypted
connections. But KIS could have a problem, that it's not correctly
using settings that are shown in GUI. It happens.
>> In the Tor Network map, I can see port 443 try to open, then
>> close when accessing sites using that port. Until I close / reopen KIS
>> - then problem solved.
> It's just a guess, buy maybe that way you get the proper certificate to your pc.
Thanks, but no idea. "Normally," stopping / starting KIS - or anything
like it, wouldn't load or reload a new certificate.
If it's doing that, I'd guess it's a bug. I posted on Kaspersky forum &
even long time mods have no idea on this one.
Haven't filed support req w/ Kaspersky - yet, because doubt they support
KIS & TBB issues; but I'll try.
I'll uncheck all KIS settings for scanning encrypted connections, so it
*shouldn't* scan any - then see.
More information about the tor-talk