Remove Bitdefender certificates from my PC


I am using Bitdefender 2017 on a Windows 10 PC.


I want to disable Web and Email Protection components that scan https traffic because I don't want to use BD certificates in a "man in the middle" process (for however noble the cause).


The reasons to do this (or not) merits another whole discussion thread.


In the mean time, how do I remove all traces of BD's certificates from my PC?


Aloke

Comments


  • To clarify: I want to remove BD's root certification authority.


    Is this what I should do?  https://technet.microsoft.com/en-us/library/bb687365.aspx?f=255&MSPPError=-2147217396


    or is there a cleaner way of doing this?


  • Hello,


     


    Simply disable the Scan SSL feature from the Web protection tab.


  • Will that remove the root cert authority?  The concern is that IF that BD-provided root certificate gets compromised, it might allow malware to become a malicious man in the middle.


     


  • Hello,


     


    No, it will disable the SSL feature and the usage of the certificate itself.


    There are systems in place to ensure the certificate doesn't get compromised.


  • Q1. Will uninstallation of BD remove the root certificate installed by BD?


    Q2. Is that Technet article in my previous post a way (the only way?) to delete that certificate?


     

  • binaryanomaly
    edited January 2017


    I can only second that there should be an official way to remove the root certificate.


    Or even better, not install it at all in the first place if the user chooses so.


    Applications that do this without giving users a choice are... malware! :o


    Edit:


    Technet proposal seems not work -> malware


     



  • On 10/10/2016 at 1:16 PM, Sorin G. said:



    There are systems in place to ensure the certificate doesn't get compromised.



    No one. not even Bitdefender, plans to get hacked.  It happens.


    BD should openly and clearly document what it does with installation of root cert authority and how to


    a) detect if it is compromised and


    b ) remove such certs if desired.



  • On 1/31/2017 at 12:36 PM, alokep said:



    No one. not even Bitdefender, plans to get hacked.  It happens.


    BD should openly and clearly document what it does with installation of root cert authority and how to


    a) detect if it is compromised and


    b ) remove such certs if desired.



    Looks like my previous post became a victim of censorship :-/


    Again I can only second that. Option b is the least BD can and should do and owns to its customers as a responsible AV company.


    Exactly this kind of "invasive" behaviour of AV solutions was recently heavily criticized in IT media such as arstechnica, etc and is effectively a threat to security. This fact can't just be ignored...?


     


    For educational purposes:



    Quote



     


    The Security Impact of HTTPS Interception


    https://jhalderm.com/pub/papers/interception-ndss17.pdf


     



     


  • How recently was this published?  Which journal?


    Good stuff.  I hope BD has a response to the weakness identified in Figure 3.


  • I think this is only yet going to be officially published at NDSS17 (Network and Distributed System Security Symposium 2017), according to lower left section on the first page of the paper.



    Quote




    NDSS’17, 26 February–1 March, 2017, San Diego, CA, USA





    It was on hackernews yesterday https://news.ycombinator.com/item?id=13589664


  • Hello all


    Kindly, i'm using the Bitdefender free version, and there is not SSL feature to disable it.


    how can i delete or remove the root certificate???



  • On 10/10/2016 at 1:58 PM, alokep said:



    I am using Bitdefender 2017 on a Windows 10 PC.


    I want to disable Web and Email Protection components that scan https traffic because I don't want to use BD certificates in a "man in the middle" process (for however noble the cause).


    The reasons to do this (or not) merits another whole discussion thread.


    In the mean time, how do I remove all traces of BD's certificates from my PC?


    Aloke



    how can i delete or remove the root certificate???






     




  • Good stuff.  I hope BD has 

    Speed Test Scrabble Word Finder Solitaire a response to the weakness identified in Figure 3.