Author Topic: Avast blocking Google, Etsy etc.  (Read 7771 times)

0 Members and 1 Guest are viewing this topic.

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Avast blocking Google, Etsy etc.
« on: March 17, 2015, 05:19:25 PM »
]When I try to go to Google.com I get an error that the site is unsafe and people might be trying to get my information then it mentions something about the certificate. I turned off web security then restarted web security and it works now. This has happened on three macs.
]
« Last Edit: March 17, 2015, 07:23:01 PM by joelw135 »

Offline Hawkie

  • Newbie
  • *
  • Posts: 9
Re: Avast blocking Google, Etsy etc.
« Reply #1 on: March 18, 2015, 12:38:35 PM »
Same here, but only on the OSX 10.10.3 beta machine. It works ok on the 10.10.2 machine.

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #2 on: March 18, 2015, 12:46:04 PM »
Yes I am on the Beta also on two machines. I had to disable as below for it to work.
[/URL][/img]
« Last Edit: March 18, 2015, 02:08:04 PM by joelw135 »

Offline Hawkie

  • Newbie
  • *
  • Posts: 9
Re: Avast blocking Google, Etsy etc.
« Reply #3 on: March 18, 2015, 02:32:59 PM »
Yep, that worked. Thanks for the tip.

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #4 on: March 18, 2015, 02:35:18 PM »
I feel it is only a stopgap fix as we should have those items checked. I put in a request to Avast via a ticket, may I suggest you do also.

Offline specimen9999

  • Sr. Member
  • ****
  • Posts: 349
Re: Avast blocking Google, Etsy etc.
« Reply #5 on: March 18, 2015, 07:59:00 PM »
I feel it is only a stopgap fix as we should have those items checked. I put in a request to Avast via a ticket, may I suggest you do also.

No, there is no should here, scanning encrypted connections is a bit controversial, the way avast does it is effectively by doing a benevolent Man In The Middle 'attack', inserts a root certificate in your keychain (randomly generated upon install) decrypts, scans the content of the connection and encrypts again using the Avast root certificate and sends that to your browser, it's a hack because secure connections aren't supposed to be snooped upon (which is what the avast proxy is doing).

So maybe in OS X 10.10.3, Apple has upped the security with the way certificates are handle, which is actually a good thing.

HTTPS scanning is off by default in Avast!, and for a good reason, I personally keep it off too.
The On Access Scanner should identify malware when it hits the disk.
« Last Edit: March 19, 2015, 02:39:43 AM by specimen9999 »

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #6 on: March 18, 2015, 08:23:44 PM »
Thanks for the info, I wasn't aware of how they did it. But yes I think 10.10.3 is using certificates as my email program caused my Mac to ask if I would accept the certificate. I use AirMail 2.

Offline Hawkie

  • Newbie
  • *
  • Posts: 9
Re: Avast blocking Google, Etsy etc.
« Reply #7 on: March 18, 2015, 08:30:10 PM »
I leave this as they are at the moment and follow the forum for a while. I also had similar problems with mail, but after turning off secure connection scan  i the Mail Shield as well things are working. I guess it's done the same way as described above (man-in.the.middle). I'll check around out there to if I can find more info on these issues.

Offline specimen9999

  • Sr. Member
  • ****
  • Posts: 349
Re: Avast blocking Google, Etsy etc.
« Reply #8 on: March 19, 2015, 02:39:08 AM »
I leave this as they are at the moment and follow the forum for a while. I also had similar problems with mail, but after turning off secure connection scan  i the Mail Shield as well things are working. I guess it's done the same way as described above (man-in.the.middle). I'll check around out there to if I can find more info on these issues.

Yes, it uses the exact same process and certificate.

Offline specimen9999

  • Sr. Member
  • ****
  • Posts: 349
Re: Avast blocking Google, Etsy etc.
« Reply #9 on: March 19, 2015, 09:34:15 PM »
Correction : I mentioned that by default Avast! doesn't enable scanning of secure connections in the Web Shield, this is apparently not true, in the latest version, if you install it from scratch it enables scanning of secure connections (but only for browsers).

Quote
But yes I think 10.10.3 is using certificates as my email program caused my Mac to ask if I would accept the certificate. I use AirMail 2.
I think you misunderstood me, OS X has always used certificates, what I meant to say is that Apple might have changed is the way they are handled and trusted in 10.10.3.

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #10 on: March 19, 2015, 09:59:27 PM »
Yes and I think this is the problem. If I disable scanning secure connections in browsers, the URL line has HTTP:// with two red lines through it. Showing that it isn't a secure connection. How dangerous this is I don't know. I contacted Avast support days ago but no answer. I don't think they will ever answer.

Offline specimen9999

  • Sr. Member
  • ****
  • Posts: 349
Re: Avast blocking Google, Etsy etc.
« Reply #11 on: March 19, 2015, 10:54:45 PM »
Yes and I think this is the problem. If I disable scanning secure connections in browsers, the URL line has HTTP:// with two red lines through it. Showing that it isn't a secure connection. How dangerous this is I don't know. I contacted Avast support days ago but no answer. I don't think they will ever answer.

Sorry, I think you are misunderstanding how all this works, it's not the scanning of secure connections that turns HTTP into HTTPS. If you go to google.com you should be automatically directed to the https version with and without scan secured connections on.

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #12 on: March 19, 2015, 11:25:50 PM »
Well here is an example I go to https://www.ohionational.com/portal/site/client/?logout=Y which is an investment company and the URL looks like below.

Offline specimen9999

  • Sr. Member
  • ****
  • Posts: 349
Re: Avast blocking Google, Etsy etc.
« Reply #13 on: March 20, 2015, 01:22:14 AM »
Ah yes, sorry, it is an HTTPS connection but it cannot verify that that site is actually the site it says it is in the address bar. There's either a mismatch between the certificate and the domain or the certification authority is not recognized (if the avast cert isn't in the keychain, this is what happens).

How serious? A rogue site pretending to be another for the purpose of getting your credentials would behave just like this. So this error makes such rogue sites indistinguishable.

I'm just guessing here, but the upgrade to 10.10.3 might have deleted the avast cert, uninstalling and reinstalling avast should place the cert there.
« Last Edit: March 20, 2015, 01:25:21 AM by specimen9999 »

Offline joelw135

  • Jr. Member
  • **
  • Posts: 87
Re: Avast blocking Google, Etsy etc.
« Reply #14 on: March 20, 2015, 03:57:51 AM »
The certificate is in the keychain. I even removed avast and did a reinstall. It got to be something with 10.10.3