

Avast Anti-Virus for Mac Uses “Man in the Middle” Scheme to “Protect” You - lsmod
https://itnerd.wordpress.com/2015/03/21/avast-anti-virus-for-mac-uses-man-in-the-middle-scheme-to-protect-you-yikes/

======
noir-york
Er... yes. That's how nearly all web security products work. The only way for
them to monitor (and filter) HTTPS content is the MITM + fake cert. This is
done everywhere: from that Websense or Blue Coat proxy appliance at the office,
to the boxes by someone like a Sandvine doing DPI on telco core networks.

Of course, this is unacceptable - but there are very few alternatives. For the
record, we - rawstream - don't do this as it's crazy to compromise security
like this. So we had to find other means.

~~~
justinschuh
> Of course, this is unacceptable - but there are very few alternatives. For
> the record, we - rawstream - don't do this as it's crazy to compromise
> security like this. So we had to find other means.

So, then you're using extensions, BHOs, API hooking, or some combination
thereof depending on platform?

~~~
noir-york
Yes - any method that allows us access to HTTPS page content without
compromising security.

Setting up MITM + certs is a PITA for most admins so we've tried (and I
believe succeeded) in making deployment faster/simpler.

------
lsmod
Found this from this[0] post, which contains the second part[1]

[0] https://news.ycombinator.com/item?id=9643857

[1] https://itnerd.wordpress.com/2015/05/21/avast-responds-to-my-post-about-their-anti-virus-product/

