again I come to my question. Can we implement this method to avast to scan SSL connections?
Because only thing I have seen in all the three AVs to scan SSL connections is that they only install a certificate in the browsers… I mean eset, Kaspersky,Bitdefender which I have tested.

I didn’t find any other changes in my browser or system

OK Many thanks, DavidR. :slight_smile:

Hi Ashish, sorry I hijacked your thread, but it is related. :slight_smile:

How is it possible to implement something which is totally unclear what it is that they are doing. All I have seen so far is smoke and mirrors, saying it scans SSL, without any idea of how or what it is actually doing.

I guess any idiot AV can scan encrypted files, but what they can’t do is decrypt them and scan the contents. Scanning an encrypted file is unlikely to find anything because of the encryption; essentially this is no different if they are going to try and scan an https traffic stream.

If it were so good, why is it disabled by default ?
Wild-assed guess:
Either it is unlikely to detect anything because it is encrypted, which falls into the smoke and mirrors marketing hype. Or there is a huge overhead in doing so.

No (or maybe yes, I’m not sure how exactly the question is meant). The connection from the mail client to avast! proxy must not be crypted (i.e. it’s necessary to disable SSL in the mail client).
Later, avast! performs an encrypted communication with the e-mail server itself.

Doing the same for web browsers would be a problem (as the browser wouldn’t see the remote certificates, wouldn’t show you the “encryption” icon, etc.)
But yes, it’s possible that avast! will implement a browser plugin for specific browser(s?) in the future which would be able to extract the already-decrypted data from the browser and scan them, before the browser really uses them. No promises though :slight_smile:

Oh yes, that would be great.Hope we can see this feature in “avast! 7”.
Many thanks for your reply igor, also for throughing light on this

Regards
Ashish

I got one more reply today from eset. Just wanted to share with you all