Web Protection And Scan SSL - Should I Do It?

What's the community's opinion on the sagacity of installing BD as a certificate authority (making it a "man in the middle" in my SSL traffic)?


Is it worth it? Does it make BD a potential attack vector? Like if they get compromised?


Here is an excerpt from the web site: http://www.pcworld.com/article/2889692/som...revocation.html


"While the certificate revocation oversight in Bitdefender products is not as serious as the HTTPS interception flaws found recently in other programs, like the Superfish adware preloaded on Lenovo laptops, its impact is not negligible, Eiram said.


If a website’s certificate has been revoked by a certificate authority—for example, because it was issued fraudulently or because its private key was compromised by hackers—affected Bitdefender products will still accept it as valid. More importantly, as part of their HTTPS scanning feature, they will convert the revoked certificate into a certificate that local browsers will trust, despite the fact that under normal circumstances those browsers would reject the original certificate..."


In fairness, all AVs that scan encrypted traffic need to do this.


My Q is: is it worth it to add this as a potential vulnerability to my system?


Aloke
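
The revocation issue described in the quoted excerpt, as a simplified model added here (it is not part of the original post and not Bitdefender's code). The CA names, serial numbers and the `InterceptingProxy` class are hypothetical, and trust is reduced to issuer-name and revocation-list lookups with no real cryptography.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int

# Constructed sample data (assumptions, not taken from any real product)
PUBLIC_CA = "Example Public CA"
LOCAL_AV_CA = "Local AV Scanning CA"
REVOKED = {(PUBLIC_CA, 1001)}  # (issuer, serial) pairs revoked by the public CA

def client_accepts(cert, trusted_issuers):
    """Browser-side check: the issuer is trusted and the certificate is not revoked."""
    return cert.issuer in trusted_issuers and (cert.issuer, cert.serial) not in REVOKED

class InterceptingProxy:
    """Model of an HTTPS-scanning component that re-signs site certificates."""
    def __init__(self, check_revocation):
        self.check_revocation = check_revocation
        self._next_serial = 1

    def present_to_browser(self, upstream):
        """Validate the real certificate, then mint a substitute under the local CA.
        Returns None when the proxy refuses the upstream certificate."""
        if upstream.issuer != PUBLIC_CA:
            return None
        if self.check_revocation and (upstream.issuer, upstream.serial) in REVOKED:
            return None
        minted = Cert(upstream.subject, LOCAL_AV_CA, self._next_serial)
        self._next_serial += 1
        return minted

def browser_verdict(site_cert, proxy=None):
    """True if the browser ends up accepting the connection."""
    trusted = {PUBLIC_CA}
    if proxy is None:
        return client_accepts(site_cert, trusted)
    trusted.add(LOCAL_AV_CA)  # enabling HTTPS scanning installs the local root as trusted
    seen = proxy.present_to_browser(site_cert)
    # The browser only sees the minted certificate, which has no revocation entry,
    # so the proxy's own upstream check is the only revocation check left.
    return seen is not None and client_accepts(seen, trusted)

revoked_site = Cert("shop.example", PUBLIC_CA, 1001)
good_site = Cert("shop.example", PUBLIC_CA, 1002)
```

In this model the browser's decision depends entirely on whether the scanning component checked revocation upstream, which is why the excerpt treats the missing check as significant.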
