straycat19

Kaspersky Fixed Serious Certificate Slip

6 posts in this topic

Kaspersky is moving to fix a bug that disabled certificate validation for 400 million users.

Discovered by Google's dogged bug-sleuth Tavis Ormandy, the flaw stems from how the company's antivirus inspects encrypted traffic.

Since it has to decrypt traffic before inspection, Kaspersky presents its certificates as a trusted authority. If a user opens Google in their browser, for example, the certificate will appear to come from Kaspersky Anti-Virus Personal Root.

The problem Ormandy identified is that those internal certificates are laughably weak. "As new leaf certificates and keys are generated, they're inserted using the first 32 bits of MD5(serialNumber||issuer) as the key ... You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial," he writes here.

Ormandy's bug report gave, by way of demonstration, a collision between Hacker News and manchesterct.gov: "If you use Kaspersky Antivirus in Manchester, Connecticut and were wondering why Hacker News didn't work sometimes, it's because of a critical vulnerability that has effectively disabled SSL certificate validation for all 400 million Kaspersky users."

Kaspersky fixed the issue on December 28.

 

Source

6 people liked / thanked this
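
The weakness quoted in the post above, as an added example (not code from the original post, from Ormandy's report or from Kaspersky): a toy leaf-certificate cache keyed on the first 32 bits of MD5(serialNumber||issuer), next to one keyed on a full SHA-256 digest. The `LeafCache` class, the issuer string, the counter serials and the choice of SHA-256 for the hardened key are assumptions made for illustration.

```python
import hashlib

def weak_key(serial: bytes, issuer: bytes) -> bytes:
    # Cache key as quoted in the post: first 32 bits of MD5(serialNumber || issuer).
    return hashlib.md5(serial + issuer).digest()[:4]

def strong_key(serial: bytes, issuer: bytes) -> bytes:
    # Hardened alternative (assumption): full SHA-256 over length-prefixed fields.
    return hashlib.sha256(len(serial).to_bytes(2, "big") + serial + issuer).digest()

class LeafCache:
    """Toy model of a cache of generated leaf certificates (hypothetical class)."""
    def __init__(self, key_fn):
        self.key_fn = key_fn
        self.store = {}

    def put(self, serial, issuer, leaf):
        self.store[self.key_fn(serial, issuer)] = leaf

    def get(self, serial, issuer):
        return self.store.get(self.key_fn(serial, issuer))

def find_weak_collision(issuer: bytes, limit: int = 2_000_000):
    # Birthday search over constructed counter serials: with a 32-bit key, two
    # of them are expected to share a key after roughly 2**16 insertions.
    seen = {}
    for n in range(limit):
        serial = n.to_bytes(8, "big")
        key = weak_key(serial, issuer)
        if key in seen:
            return seen[key], serial, n + 1
        seen[key] = serial
    raise RuntimeError("no collision within limit")

def demo():
    issuer = b"CN=Constructed Test Root"  # constructed sample value
    serial_a, serial_b, attempts = find_weak_collision(issuer)
    weak, strong = LeafCache(weak_key), LeafCache(strong_key)
    for cache in (weak, strong):
        cache.put(serial_a, issuer, "leaf generated for site A")
    # Site B was never cached; a correct cache must report a miss (None).
    return attempts, weak.get(serial_b, issuer), strong.get(serial_b, issuer)

if __name__ == "__main__":
    attempts, weak_hit, strong_hit = demo()
    print(f"collision after {attempts} serials")
    print("weak cache returned:", weak_hit)
    print("strong cache returned:", strong_hit)
```

The weak cache hands site A's leaf to a lookup for site B, which is the kind of mismatch the post describes between Hacker News and manchesterct.gov; the full-digest cache reports a miss.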


Still searching on Google, problem survives on Firefox, I still need to disable

Setting --> Additional --> Network --> Do not scan encrypted connection

 

9 minutes ago, november_ra1n said:

Still searching on Google, problem survives on Firefox, I still need to disable


Setting --> Additional --> Network --> Do not scan encrypted connection

 

 

Scanner active and no problem here...


26 minutes ago, WALLONN7 said:

 

Scanner active and no problem here...

 

Not on my end yet. Not sure if this is something to do with using KIS 2017 & Adguard at the same time? I need to compromise security with Kaspersky since last year tho...

 


 

EDIT: It is only Firefox, I have just checked it. Google Chrome is working nicely without compromising the security setting.

Edited by november_ra1n

3 hours ago, november_ra1n said:

 

Not on my end yet. Not sure if this is something to do with using KIS 2017 & Adguard at the same time? I need to compromise security with Kaspersky since last year tho...

EDIT: It is only Firefox, I have just checked it. Google Chrome is working nicely without compromising the security setting.

 

Here is KSOS...


  is right about Firefox. I have seen this and have had the same problems. I am unsure what the problem is, but if it is with KIS, sure it will be fixed.

And I did have Adguard installed as well, so I understand 100% what you mean, but can't see how, if it is Adguard or KIS. This needs to be looked at more, I think.

1 person liked / thanked this
