![]() ![]() This is very similar to what the adware that Lenovo had on some of their computers was doing. That my friends is completely unacceptable. ![]() What Avast is doing is known as a “ Man In The Middle Attack” where you get in the middle of a secure connection between two parties and intercept data. Disabling the “Web Shield” allows the browser to use whatever certificate the website provides. It uses a “Avast trusted CA” certificate. When I go to Google.ca and check the certificate, I get this: I continued to dig and discovered that Avast is doing the same thing with its “Web Shield”. The second I did that, the problem went away and I confirmed that the certificates I purchased were in use. I confirmed that this was the case by disabling their “Mail Shield” feature as pictured below: If that hadn’t happened, I would not have noticed. What’s worse is that it expired around the time I left for my trip, which is why I was getting the pop ups in the first place. So the only explanation for this is that Avast Anti-Virus For Mac is substituting my certificates for its own. Now I run my own mail server and I buy certificates from Verisign. ![]() If you look at the red rectangle, the certificate is issued by “Avast untrusted CA”. When you click on “Show Certificate” you get this: I really didn’t have time to pursue it then, but since I’ve got back to Canada, I’ve looked into this and discovered a very troubling cause. That was a concern and I because I first saw this in the Dubai Airport, I thought it was their WiFi that was doing this. What it was telling me was that because I was using SSL, it could not verify the identify of my e-mail server and something else might be pretending to to be my e-mail server. When I was traveling to India and Australia, I started to notice that every time I started Apple Mail, I would get this popup: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |