Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 05/11/2013 15:32, Joe Btfsplk wrote: On 11/2/2013 2:04 PM, Sukhoi wrote: I am experimenting problems with TorBrowser on the last months. On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this: Unable to connect Firefox can't establish a connection to the server at blog.torproject.org. Sukhoi - a bit off topic, but I'm not sure your problem is w/ Kaspersky or any AV / FW. If you haven't upgraded to TBB 2.4.x (still beta), may try that. I think what you're seeing (if using TBB 2.3.x) is pretty common. Was for me until I upgraded. Joe, Thanks for the comments. I did additional tests and possibly you are right about the Kaspersky and AV. I just installed the latest Tor 2.4.x beta version, on Win 8 x64. The problem seems to be a bit smaller, but stands, having to load and reload the pages many times to get the content. Tried also Tor 2.3 stable release on Linux, were the problem did not happened. Sukhoi -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 9:15 AM, freek2...@yahoo.de wrote: Do you use the manual mode if KIS? I also tried that feature, but intransparently catching server certificates definitely messed with my system. This function is imho snakeoil of the highest quality. (Except you use an insecure browser and have no idea how ssl/tls and the x.509 certs work.) I want to be able to check certs myself and it's possible that the cert/ssl-design in tor, which uses (afaik randomly generated,) self signed certs, doesn't work with the validation KIS conducts. No - least, don't think so. Not sure what you mean - manual - in this context. *Could* be some screw up w/ certificate, but as said, w/ current settings, KIS doesn't (shouldn't) scan ANY encrypted connections. But KIS could have a problem, that it's not correctly using settings that are shown in GUI. It happens. In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. It's just a guess, buy maybe that way you get the proper certificate to your pc. Thanks, but no idea. Normally, stopping / starting KIS - or anything like it, wouldn't load or reload a new certificate. If it's doing that, I'd guess it's a bug. I posted on Kaspersky forum even long time mods have no idea on this one. Haven't filed support req w/ Kaspersky - yet, because doubt they support KIS TBB issues; but I'll try. I'll uncheck all KIS settings for scanning encrypted connections, so it *shouldn't* scan any - then see. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 11:16 AM, Moritz Bartl wrote: On 11/02/2013 02:27 PM, Joe Btfsplk wrote: Don't expect too much help here [from Moritz]. Well, not from some, anyway. LOL :) Hey hey, no reason to become hostile. I wrote the mail, which I consider help. Help in making you understand why nobody really interacted with you over this issue the last time you brought it up. Sounds like you would rather not have me comment on this at all. I was trying to be helpful, as in: it is a KIS bug, *especially* if it goes away when you restart it, and also, if it messes with SOCKS in this way, they should get this fixed. If you want to help them fix it, run a local network sniffer and find out what they do exactly with the requests in question. Moritz Thanks Moritz, the phrase Well, not from some, anyway. LOL :) w/ LOL a smilie is pretty far from hostile, from my understanding. That's why they're sometimes used in email / postings - to indicate tone, that's often lost in email. Thought I was taking the high road; trying to defuse what seemed like a pretty flippant, looking down your nose reply. If not your intent, I apologize. If it was, may want to dial back a notch. I'm sure lots of Tor users have closed source AV software. But, see here - I'm still smiling: :D, :), ;) Why no one responded...? Kinda amusing. Could well be same reason KIS gurus / long time mods are stumped. Or same reason hundreds of software devs have been stumped by my questions / observations, over decades. Millions of users post intelligent questions on forums / lists *ALL* the time no one has an answer. Means nothing. It'd be very hard for me many to *entirely* avoid closed source software. I try to use open source if at all possible. I'll try the sniffer - if don't discover something else (soon), or if KIS support doesn't have a solution. I'm not sure Kaspersky cares about KIS / TBB issues. Yes, it seems like a (possible) bug. Stopping / restarting KIS *shouldn't* have an effect on certificates, whether it is / isn't scanning encrypted connections, etc. No (visible) settings are changed, by stopping / restarting it. That's why I said it was unusual. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 2:04 PM, Sukhoi wrote: I am experimenting problems with TorBrowser on the last months. On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this: Unable to connect Firefox can't establish a connection to the server at blog.torproject.org. Sukhoi - a bit off topic, but I'm not sure your problem is w/ Kaspersky or any AV / FW. If you haven't upgraded to TBB 2.4.x (still beta), may try that. I think what you're seeing (if using TBB 2.3.x) is pretty common. Was for me until I upgraded. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
Hi, On 11/01/2013 07:49 PM, Joe Btfsplk wrote: I could add TBB, vidalia and Tor.exe to KIS's do not monitor application's activity and / or do not scan (this application's) network activity list, but that defeats purpose of having the protection. What kind of protection do you expect from this, anyway? Could be a weird KIS bug affecting TBB, that stopping / restarting KIS somehow fixes it temporarily (consistently). That'd be fairly unusual. Unusual? Problems like this are very usual with any kind of filtering, especially stuff like KIS that hooks into any traffic. Tor Browser communicates with local Tor using SOCKS, and Tor wraps the HTTP(S) request in its own protocol. Sounds like KIS messes with SOCKS in strange ways. Internet protection is hard, and is doomed to create problems like this. Don't expect too much help here, my guess is that in this community only very few people are interested in closed source software that messes with traffic and offers snakeoil protection. Moritz -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/2/2013 6:08 AM, Moritz Bartl wrote: What kind of protection do you expect from this, anyway? Wow, I don't know. Having a rough night / day? Could be a weird KIS bug affecting TBB, *that stopping / restarting KIS* somehow fixes it temporarily (consistently). That'd be fairly unusual. Unusual? Yes, unusual that stopping starting KIS, while some app (TBB) is already running, immediately stops a KIS problem w/ TBB, or vice versa. Don't expect too much help here [from Moritz]. Well, not from some, anyway. LOL :) only very few people are interested in closed source software... Right. Thanks. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
Hi Joe! I'm answering off-list, because it seems out of focus of the community there and while I understand the need/necessity/advantage/etc. of opensource-sw in certain cases, I'm not a *nix-nazi and one of my machines uses windows and KIS2013. I'm also not eager to out myself with this to the community. Joe Btfsplk joebtfs...@gmx.com schrieb: Weeks ago I reported problems accessing https Ixquick / Startpage search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (or all) sites using port 443. Traced it to some issue with Kaspersky Internet Security 2014 (KIS) its scan encrypted connections feature, though never found exact problem. Do you use the manual mode if KIS? I also tried that feature, but intransparently catching server certificates definitely messed with my system. This function is imho snakeoil of the highest quality. (Except you use an insecure browser and have no idea how ssl/tls and the x.509 certs work.) I want to be able to check certs myself and it's possible that the cert/ssl-design in tor, which uses (afaik randomly generated,) self signed certs, doesn't work with the validation KIS conducts. In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. It's just a guess, buy maybe that way you get the proper certificate to your pc. Hope that helps! cheers, Martin -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On Sat, 02 Nov 2013 15:15:41 +0100 freek2...@yahoo.de freek2...@yahoo.de allegedly wrote: I'm answering off-list, because it seems out of focus of the community there and while I understand the need/necessity/advantage/etc. of opensource-sw in certain cases, I'm not a *nix-nazi and one of my machines uses windows and KIS2013. I'm also not eager to out myself with this to the community. Um. :-) (Well someone had to say it.) - Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net - signature.asc Description: PGP signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
mick m...@rlogin.net schrieb: On Sat, 02 Nov 2013 15:15:41 +0100 freek2...@yahoo.de freek2...@yahoo.de allegedly wrote: I'm answering off-list, because it seems out of focus of the community there and while I understand the need/necessity/advantage/etc. of opensource-sw in certain cases, I'm not a *nix-nazi and one of my machines uses windows and KIS2013. I'm also not eager to out myself with this to the community. Um. :-) (Well someone had to say it.) damn... I should pay more attention, writing mails on-the-go... -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
On 11/02/2013 02:27 PM, Joe Btfsplk wrote: Don't expect too much help here [from Moritz]. Well, not from some, anyway. LOL :) Hey hey, no reason to become hostile. I wrote the mail, which I consider help. Help in making you understand why nobody really interacted with you over this issue the last time you brought it up. Sounds like you would rather not have me comment on this at all. I was trying to be helpful, as in: it is a KIS bug, *especially* if it goes away when you restart it, and also, if it messes with SOCKS in this way, they should get this fixed. If you want to help them fix it, run a local network sniffer and find out what they do exactly with the requests in question. Moritz -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Kaspersky still interferes with SSL port 443 sites
Hi, Your information is precious. I am experimenting problems with TorBrowser on the last months. On most of the web sites I have to reload it 2 to 8 times until it loads, receiving most of the times messages like this: Unable to connect Firefox can't establish a connection to the server at blog.torproject.org. I updated TorBrowser several times in a hope to fix the problem, but without success. Now, with your information, I turned off Kaspersky Pure 3.0 and the problem just gone. Seems the problem is just with, or at least more frequent, with https connections, and I see a small probability that HTTPS Everywhere may be playing a role on the problem. Hope this is not a NSA attempt to track Tor users by using some built-in functionality on Kaspersky. Sukhoi On 01/11/2013 16:49, Joe Btfsplk wrote: Weeks ago I reported problems accessing https Ixquick / Startpage search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (or all) sites using port 443. Traced it to some issue with Kaspersky Internet Security 2014 (KIS) its scan encrypted connections feature, though never found exact problem. My KIS settings do NOT cause problems in *Fx 24.x,* or any versions on secure URLs. It used to not cause problems in TBB. Now I've narrowed it to EVERY time TBB is opened, if KIS is closed then immediately reopened, the blocking port 443 problem *disappears*. Blocking is in quotes, cause I really don't know why port 443 is immediately closed, just that KIS is involved. No special messages from TBB (now 2.4.17b2) when SSL pages won't load, other than generic xyz.com has timed out...may be busy... In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. The issue seemingly has something to do w/ *differences* between TBB or processes *regular Fx,* as the KIS factory default settings for scan encrypted connections work fine in Fx port 443 - or any others. Besides, I temporarily disabled all KIS port monitoring for 443. Didn't change the TBB problem. AFAIK, the *default* KIS settings are that it's NOT scanning encrypted connections, unless you have KIS *parental control* enabled (I don't). For some reason, it affects TBB, but seems unlikely the real KIS default settings are the problem, as just closing / reopening KIS solves the TBB issue. If... TBB had a problem w/ the Kaspersky certificate, closing / reopening KIS wouldn't fix that. I could add TBB, vidalia and Tor.exe to KIS's do not monitor application's activity and / or do not scan (this application's) network activity list, but that defeats purpose of having the protection. Could be a weird KIS bug affecting TBB, that stopping / restarting KIS somehow fixes it temporarily (consistently). That'd be fairly unusual. Any thoughts on differences in TBB Fx that may contribute to this, or other suggestions? Thanks. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Kaspersky still interferes with SSL port 443 sites
Weeks ago I reported problems accessing https Ixquick / Startpage search sites in TBB 2.3.25-12, then *-13 and 2.4.x; then saw it was most (or all) sites using port 443. Traced it to some issue with Kaspersky Internet Security 2014 (KIS) its scan encrypted connections feature, though never found exact problem. My KIS settings do NOT cause problems in *Fx 24.x,* or any versions on secure URLs. It used to not cause problems in TBB. Now I've narrowed it to EVERY time TBB is opened, if KIS is closed then immediately reopened, the blocking port 443 problem *disappears*. Blocking is in quotes, cause I really don't know why port 443 is immediately closed, just that KIS is involved. No special messages from TBB (now 2.4.17b2) when SSL pages won't load, other than generic xyz.com has timed out...may be busy... In the Tor Network map, I can see port 443 try to open, then immediately close when accessing sites using that port. Until I close / reopen KIS - then problem solved. The issue seemingly has something to do w/ *differences* between TBB or processes *regular Fx,* as the KIS factory default settings for scan encrypted connections work fine in Fx port 443 - or any others. Besides, I temporarily disabled all KIS port monitoring for 443. Didn't change the TBB problem. AFAIK, the *default* KIS settings are that it's NOT scanning encrypted connections, unless you have KIS *parental control* enabled (I don't). For some reason, it affects TBB, but seems unlikely the real KIS default settings are the problem, as just closing / reopening KIS solves the TBB issue. If... TBB had a problem w/ the Kaspersky certificate, closing / reopening KIS wouldn't fix that. I could add TBB, vidalia and Tor.exe to KIS's do not monitor application's activity and / or do not scan (this application's) network activity list, but that defeats purpose of having the protection. Could be a weird KIS bug affecting TBB, that stopping / restarting KIS somehow fixes it temporarily (consistently). That'd be fairly unusual. Any thoughts on differences in TBB Fx that may contribute to this, or other suggestions? Thanks. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk