[hartz]

I feel like, instead of MITM'ing all TLS connections, antivirus companies could implement this same thing in a browser extension. If good ad blockers can prevent requests for ads from being completed, an antivirus extension should be able to do something similar, without having to tamper with the TLS connection between the browser and the site.

That being said, users would probably be much safer if they skipped the antivirus and just installed a decent ad blocker.

[tyingq]

At least with Chrome, the extension API doesn't allow you to "peek" into the content. You do have the ability to see the url before it's fetched[1], and block the fetch/redirect. But you can't see the data until it's too late.

[1]https://developer.chrome.com/extensions/webRequest#event-onB...