Avast blocking Google, Etsy etc.

]When I try to go to Google.com I get an error that the site is unsafe and people might be trying to get my information then it mentions something about the certificate. I turned off web security then restarted web security and it works now. This has happened on three macs.
[url=http://[URL=http://s248.photobucket.com/user/joelw135/media/Screen%20Shot%202015-03-17%20at%202.09.47%20PM_zpsppjplzj5.png.html]
http://i248.photobucket.com/albums/gg199/joelw135/Screen%20Shot%202015-03-17%20at%202.09.47%20PM_zpsppjplzj5.png
]

Same here, but only on the OSX 10.10.3 beta machine. It works ok on the 10.10.2 machine.

Yes I am on the Beta also on two machines. I had to disable as below for it to work.

http://i248.photobucket.com/albums/gg199/joelw135/Screen%20Shot%202015-03-18%20at%209.02.23%20AM_zps4h66dq0r.png
[/URL][/img]

Yep, that worked. Thanks for the tip.

I feel it is only a stopgap fix as we should have those items checked. I put in a request to Avast via a ticket, may I suggest you do also.

No, there is no should here, scanning encrypted connections is a bit controversial, the way avast does it is effectively by doing a benevolent Man In The Middle ‘attack’, inserts a root certificate in your keychain (randomly generated upon install) decrypts, scans the content of the connection and encrypts again using the Avast root certificate and sends that to your browser, it’s a hack because secure connections aren’t supposed to be snooped upon (which is what the avast proxy is doing).

So maybe in OS X 10.10.3, Apple has upped the security with the way certificates are handle, which is actually a good thing.

HTTPS scanning is off by default in Avast!, and for a good reason, I personally keep it off too.
The On Access Scanner should identify malware when it hits the disk.

Thanks for the info, I wasn’t aware of how they did it. But yes I think 10.10.3 is using certificates as my email program caused my Mac to ask if I would accept the certificate. I use AirMail 2.

I leave this as they are at the moment and follow the forum for a while. I also had similar problems with mail, but after turning off secure connection scan i the Mail Shield as well things are working. I guess it’s done the same way as described above (man-in.the.middle). I’ll check around out there to if I can find more info on these issues.

Yes, it uses the exact same process and certificate.

Correction : I mentioned that by default Avast! doesn’t enable scanning of secure connections in the Web Shield, this is apparently not true, in the latest version, if you install it from scratch it enables scanning of secure connections (but only for browsers).

But yes I think 10.10.3 is using certificates as my email program caused my Mac to ask if I would accept the certificate. I use AirMail 2.
I think you misunderstood me, OS X has always used certificates, what I meant to say is that Apple might have changed is the way they are handled and trusted in 10.10.3.

Yes and I think this is the problem. If I disable scanning secure connections in browsers, the URL line has HTTP:// with two red lines through it. Showing that it isn’t a secure connection. How dangerous this is I don’t know. I contacted Avast support days ago but no answer. I don’t think they will ever answer.

Sorry, I think you are misunderstanding how all this works, it’s not the scanning of secure connections that turns HTTP into HTTPS. If you go to google.com you should be automatically directed to the https version with and without scan secured connections on.

Well here is an example I go to https://www.ohionational.com/portal/site/client/?logout=Y which is an investment company and the URL looks like below.

http://i248.photobucket.com/albums/gg199/joelw135/Screen%20Shot%202015-03-19%20at%206.23.30%20PM_zpsuk0ah2m8.png

Ah yes, sorry, it is an HTTPS connection but it cannot verify that that site is actually the site it says it is in the address bar. There’s either a mismatch between the certificate and the domain or the certification authority is not recognized (if the avast cert isn’t in the keychain, this is what happens).

How serious? A rogue site pretending to be another for the purpose of getting your credentials would behave just like this. So this error makes such rogue sites indistinguishable.

I’m just guessing here, but the upgrade to 10.10.3 might have deleted the avast cert, uninstalling and reinstalling avast should place the cert there.

The certificate is in the keychain. I even removed avast and did a reinstall. It got to be something with 10.10.3

Support wrote back.
Hello Joel,

Thank you for reporting this issue.

Our team is working on this problem and it should be fixed soon (before the release of 10.10.3).

Best Regards,

Miroslav Jenšík
Technical Support Engineer
AVAST Software s.r.o.

The “Google issue” is specific to OS X 10.10.3 and is fixed in Avast 10.9. (43971).

Yes I just downloaded the Beta and it is working so far fine. Even my Ohio National is working. Thanks for the fix.

Just noticed the fix. Thanks so much!

Well seems to still have problems when purchasing something from EBay, I log onto EBay no problems, but when I click to pay using PayPal I get the Privacy Error. I have to click advanced on the Privacy error page and allow it to continue, after two times it finally goes to PayPal and allows to factor authentication…