norton https scanning
Hello everyone,
I’m reaching out because I have some concerns regarding Norton’s HTTPS scanning feature. Recently, I noticed that Norton scans HTTPS traffic, and I’m unsure about how this impacts my privacy and security. While I understand the feature is meant to detect threats, I’m particularly worried because it involves decrypting sensitive information. This raises concerns about whether my personal data, such as login credentials or payment details, could be exposed during the scanning process. Has anyone else experienced issues or found this feature problematic? I'd love to hear about your experiences and whether there are any steps I can take to ensure my online security without risking privacy.
I also have found a names of site that were blocked in the report generated from Norton
someting to read ---> https://zakird.com/papers/https_interception.pdf
Thanks in advance!
Όλες οι απαντήσεις (10)
prt screen just to know what Im talking about
You need to contact Norton support for issues with their software problems.
@markwarner22,
I respectfully disagree with your opinion. I would like to gather the community's thoughts on this matter. Additionally, I would appreciate Mozilla's perspective, considering their knowledge of Norton/Avast/Eset/Bitdefender issuing their own certificates, decrypting data, examining it, re-encrypting it, and transmitting it back to the browser. This process involves accessing our passwords and other sensitive information.
Mozilla/Firefox doesn't discuss other Company software nor provide user forum support on problems with their software. If you can't understand this forum is for Mozilla/Firefox user help software support then northing more can be said here.
hornet.ledges958 said
I’m reaching out because I have some concerns regarding Norton’s HTTPS scanning feature. Recently, I noticed that Norton scans HTTPS traffic, and I’m unsure about how this impacts my privacy and security. While I understand the feature is meant to detect threats, I’m particularly worried because it involves decrypting sensitive information. This raises concerns about whether my personal data, such as login credentials or payment details, could be exposed during the scanning process.
I think it is very logical to be concerned about any "man in the middle" of your connection to a website, even if you understand what is does. I do not have specific knowledge about Norton's web shield feature, but generally speaking, these kinds of products check what you are sending to the site and what is received back from the site against specific detection rules, similar to the kinds of rules used by antivirus software that runs after a download is completed. Is that purely local, done without sending anything to the cloud for analysis? That would be more concerning, and you should check with Norton on that.
The issue flagged by the 2017 research you cited (https://zakird.com/papers/https_interception.pdf, https://blog.vpn.ac/disable-https-scanning.html) was that the security software would accept a lower-security connection than what the browser would accept, allowing for the possibility of server impersonation or other kinds of attacks. I *assume* that seven years later that problem has been solved. However, if you have any doubts, you can compare the results of testing on the following diagnostic page with a direct Firefox connection and with a web shield enabled:
https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html
hornet.ledges958 said
Additionally, I would appreciate Mozilla's perspective, considering their knowledge of Norton/Avast/Eset/Bitdefender issuing their own certificates, decrypting data, examining it, re-encrypting it, and transmitting it back to the browser. This process involves accessing our passwords and other sensitive information.
I don't know whether Mozilla has ever issued an opinion on this. Over the years, there have been instances where security software caused a severe issue for Firefox users. Some kinds of add-ons can also cause severe problems. But users remain free to choose these options and many do.
I have no idea why but here is used original certificate like this part of the site is excepted. Also this Mozilla forum
hornet.ledges958 said
I have no idea why but here is used original certificate like this part of the site is excepted. Also this Mozilla forum
Do you mean why was a part of the site blocked? It's probably the reason mentioned toward the bottom of the test page in the Mixed Content section: "These tests might cause a mixed content warning in your browser. That's expected."
On this forum, I don't know why there would be any mixed content message.
markwarner22 said
Mozilla/Firefox doesn't discuss other Company software nor provide user forum support on problems with their software. If you can't understand this forum is for Mozilla/Firefox user help software support then northing more can be said here.
Stop being negative. People are welcome to try and get help with antivirus issues with the Firefox web browser. There has certainly been many cases of Norton causing issues with Firefox in a variety of ways over the years that due to posting here, the cause and fix has been found and such. Sometimes when we get multiple threads on the issue then Mozilla can then be aware and help reach out on their end as needed.