Hacker News new | ask | show | jobs
Avast Anti-Virus for Mac Uses “Man in the Middle” Scheme to “Protect” You (itnerd.wordpress.com)
2 points by lsmod 4034 days ago
2 comments
noir-york 4034 days ago
Er... yes. That's how nearly all web security products work. The only way for them to monitor (and filter) HTTPs content is the MITM + fake cert. This is done everywhere: from that websense or bluecoat proxy appliance at the office, to the boxes by someone like a Sandvine doing DPI on telco core networks.

Of course, this is unacceptable - but there are very few alternatives. For the record, we - rawstream - don't do this as its crazy to compromise security like this. So we had to find other means.

link
justinschuh 4034 days ago
> Of course, this is unacceptable - but there are very few alternatives. For the record, we - rawstream - don't do this as its crazy to compromise security like this. So we had to find other means.

So, then you're using extensions, BHOs, API hooking, or some combination thereof depending on platform?

link
noir-york 4034 days ago
Yes - any method that allows us access to HTTPs page content without compromising security.

Setting up MITM + certs is a PITA for most admins so we've tried (and I believe succeeded) in making deployment faster/simpler.

link
noir-york 4034 days ago
I see that you work on Chrome security - you guys do great work! You have to; one helluva of an attack surface + billion deployments.
link
lsmod 4034 days ago
Found this from this[0] post, which contains the second part[1]

[0]https://news.ycombinator.com/item?id=9643857

[1]https://itnerd.wordpress.com/2015/05/21/avast-responds-to-my...

link