I am trying the K-Meleon browser (PortableApps.com version), but I seem to get invalid security cerificate on every site ('Error code: sec_error_unknown_issuer'). If I view the certificate, the issuer in each case is 'Adguard Personal CA', but I have the problem even if I disable Adguard. Any ideas?
Yes estimated not exact. Might be Monday might not. Release date is around Monday. I'm sure we will see it in the next couple of days http://www.dictionary.com/browse/estimate
I guess it's time to add it to my forum signature: "Don't believe this man's estimates. He has never guessed it right" I am trying to make better estimates, to think about risks and such, but for some mysterious reason it just never works out.
Regarding new beta, those, who tries to understand what's going on under the hood should love the new filtering log: Note that besides Web requests you can now see or block(!) other connections, those which your browser will never show you. Basically, Adguard now provides Firewall-like filtering rules: blocking or unblocking connections from a specific app to any remote endpoint.
This is exciting news, from both a privacy and security perspective. I will play with this beta right away. I always respect your honesty.
That didn't work. If I untick 'Filter HTTPS protocol' all is OK. I generally want that option ticked, but will just have to untick it if I use K-Meleon.
@avatar Does ticking 'Filter HTTPS protocol' expose me to any risk as per discussion here?: https://www.wilderssecurity.com/thr...nd-security-firms-stop-trashing-https.391887/
Just check it on https://badssl.com/dashboard/ and https://www.ssllabs.com/ssltest/viewMyClient.html There were too much fearmongering about this lately, but anyway, if you use an HTTPS filtering software, you'd better remember those two websites and check it there.
If https filtering is not working for K-Meleon, you should file an issue for compatibility here: https://github.com/AdguardTeam/AdguardForWindows/issues Also, you can use the extension for https filtering and the program for http filtering(called by me as Disintegration Mode, you may simply call it as Commish Mode ). If you use this setup though, there are certain things that you need to take care of or be aware of. I will elaborate on this if only you're interested. One thing about this is that you don't have to use the adguard certificate as default browser certificate would be used, so the question you rose above in one of the post will be handled itself.
I have currently disabled https filtering to see the effects for me, but I doubt I will be using K-Meleon (no Lastpass integration) so I may switch it on again, and just disable it if I do use K-Meleon. But could you elaborate on 'Commish mode'?
@paulderdash K-Meleon is listed in their filtered apps section, so it should be filtered just right. If it's not doing it, then it should be checked for compatibility. That's why I told you to file an issue on github page. As for your question, In this mode, we use the program for http filtering and the extension for https filtering. But there are certain things you need to understand for this:- Alongwith adblocking, other features like stealth mode, etc. will also not work for https sites. You will need to subscribe to an additional filter list for blocking ads arising from https sites on http pages. This mode could also be used in Adguard proxy mode, where Adguard acts as a proxy server. And here it would block ads(no cosmetic filter) even on https sites. An advantage is you don't depend on the Adguard certificate for filtering, so all those aspects of MITM attacks, limitations and drawbacks of an external software certificate are done away with. That's basically, the crux of it all, some tiny bits, you'll understand if you use it.
@guest, I had a reply from AG (Github). The 'Reinstall Certificate' in Adguard did not work, but installing it manually in K-Meleon did. Open 'Certificate Manager' on any untrusted site > Import > Find and open "Adguard personal CA" certificate, located in "C:\ProgramData\Adguard\NetworkTemp\SSL" > Click all 3 boxes on next panel and OK. Thanks for your input.
good for you brother And actually I have a different way of auto installing certificate unlike the one suggested in the github issue.