Author Topic: Why AVAST scans no HTTPS connections?  (Read 3593 times)

0 Members and 1 Guest are viewing this topic.

Offline reisender

  • Jr. Member
  • **
  • Posts: 87
Why AVAST scans no HTTPS connections?
« on: January 01, 2014, 07:54:39 PM »
Hello,

I have a question: Why AVAST Web Shield scans no HTTPS connections?

Happy new Year
Christian
Intel Core i5 4670K , 8GB RAM, Win 8.1 Pro 64bit, 128 GB SSD & 3 TB HDD, avast! 2014 Security Suite, Firefox

Offline NoelC

  • Poster
  • *
  • Posts: 569
Re: Why AVAST scans no HTTPS connections?
« Reply #1 on: January 01, 2014, 08:15:59 PM »
The https protocol ensures end to end encryption - which protects network traffic from being viewed by intermediaries.  In most cases that's considered a good thing, but you're wanting your antivirus program to be able to monitor that traffic and the encryption blocks it too.  From the perspective of a program or person trying to watch the data go by, it just looks like gibberish.

-Noel

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85753
  • No support PMs thanks
Re: Why AVAST scans no HTTPS connections?
« Reply #2 on: January 01, 2014, 08:22:40 PM »
I have a question: Why AVAST Web Shield scans no HTTPS connections?

Isn't that the whole point of a secure encrypted connection, to keep prying eyes out.

Whilst avast could probably scan the encrypted streams, but to what purpose as encryption essentially changes all signatures etc.

So there would have to be some third party intervention whereby avast redirects the outbound request to https so that the incoming https would come through some sort of proxy where it can be decrypted (similar to the way the old mail shield used to handle SSL emails). But I'm sure this isn't as easy as this very short comment on how it might be done.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline NoelC

  • Poster
  • *
  • Posts: 569
Re: Why AVAST scans no HTTPS connections?
« Reply #3 on: January 01, 2014, 08:50:14 PM »
One could imagine that in this day and age Microsoft or other browser makers might make an API available in the browser itself that could allow the scanning of web traffic there.  Whether such a thing actually exists is beyond my knowledge of browser implementations.  Thing is, if you could attach in, then malware could potentially attach in as well.

-Noel

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33321
  • malware fighter
Re: Why AVAST scans no HTTPS connections?
« Reply #4 on: January 01, 2014, 08:57:36 PM »
There are ways to look at your https connection for security issues, some browser extensions do a great job. I have Recx Security Analyzer extension up and running in Google Chrome, when WOT and netcraft alert be aware something is not right. Also Comodp's Site Inspector gives good scan results. See: urlquery dot com scans,

polonus
« Last Edit: January 01, 2014, 09:49:31 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline reisender

  • Jr. Member
  • **
  • Posts: 87
Re: Why AVAST scans no HTTPS connections?
« Reply #5 on: January 01, 2014, 11:12:40 PM »
Hi,

but why AVAST does not check this directly, as for example ESET does?

Greetings
Christian
Intel Core i5 4670K , 8GB RAM, Win 8.1 Pro 64bit, 128 GB SSD & 3 TB HDD, avast! 2014 Security Suite, Firefox

jwoods301

  • Guest
Re: Why AVAST scans no HTTPS connections?
« Reply #6 on: January 01, 2014, 11:22:24 PM »
That would be a question for the product design team...

My "1 minute guess" (after thinking about it for a minute) would be performance issues.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85753
  • No support PMs thanks
Re: Why AVAST scans no HTTPS connections?
« Reply #7 on: January 01, 2014, 11:46:45 PM »
Hi,

but why AVAST does not check this directly, as for example ESET does?

Greetings
Christian

For a start we (avast users) don't know exactly what you mean by check/scan directly or for that matter what ESET does.

Scanning the https secure encrypted traffic directly (as I mentioned isn't the issue) is unlikely to detect anything because its encrypted form differs completely from it unencrypted state.

If there is some other intervention to be able to scan the unencrypted form before it is displayed/run in the browser, then that may slow browsing depending on how that is done.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33321
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!