Исходное сообщение
"Исследование негативного влияния локального перехвата HTTPS-..." Отправлено Аноним, 08-Фев-17 14:30
Не трубили, но это очевидная вещь. Когда я использовал Handycache в домашней локалке, сразу решил кэшировать только http, ибо доверять какой-то проге https нельзя просто по определению, и особенно если она редко обновляется и очевидно протухшая. Антивирусам так же нельзя доверять https. Только самой ОС и браузерам. А лучше вообще не иметь антивируса. https://twitter.com/justinschuh/status/802491391121260544 >I could rattle off a laundry list of total security breakage due to worthless AV code. In fact, I will. > AV tampering delayed Win32k Flash lockdown for over a year. Lowbox & CSRSS lockdown are still on hold. > We constantly suffer injected AV vulns, from ROP gadgets at predictable addresses to command exec > Broken AV MitM creates a constant stream of TLS failures, and breaks real security like HSTS pinning. > I expect it's possible to make an AV that isn't more harm than good, but none of you are even trying. > You ignore all security best practice, piling dodgy format parsing and other unsafe code into the kernel > No isolation or defense-in-depth. You inject huge blobs of privilege and attack surface in every process > Relying on an antivirus is useless since not all viruses are discovered and not all discovered viruses will be in the database of your particular antivirus. The only way to make sure you don't have any is not to run executables from untrusted sources, which is fairly easy.