Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

New Way To Scan Ssl

Options
johnrs
johnrs
in Feature request

Right now BitDefender installs a bogus root security certificate to allow it to scan SSL sessions by acting as a proxy (main-in-the-middle). This causes as many potential security problems as it solves. Indeed, I think that it is worse thus I run with "Scan SSL" set to off.


I believe that there is a non-invasive method available which would solve this problem when using either Firefox or Chrome: Session Key Logging. Both of these browsers write the current session key to a file for monitoring software to use. This allows the monitoring software to decrypt the stream without changing it in any way.


Wireshark does just this and it seems to work great. I'm asking that BitDefender offer this option for those security sensitive users who care enough to run Firefox or Chrome.


Thanks,

Comments

  • johnrs
    johnrs
    Options

    P.S. I just ran across an excellent paper which describes the problems with the SSL/TLS Proxy technique, including specific Bitdefender failures, and also recommends Key Logging.


    https://madiba.encs.concordia.ca/~x_decarn/...xy-ndss2016.pdf

  • ejsexton82
    ejsexton82
    Options

    I support this. The "Scan SSL" feature seems to be broken, so I just turn it Off.

    PS- I would Vote Up on this, but I've been told I've reached my quota even though I've never voted. Maybe it's because I'm a new user...

All Time Leaders

Categories

Defenders of the month