Startup service proxies Web, email to purge malware

Discussion in 'other anti-malware software' started by ronjor, Jun 8, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Not sure what to think of it, I'm personally not into agent-less based security.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Well, there is a big privacy issue in this since I assume they will be decrypting HTTPS traffic for scanning purposes? If you were a business, would you want a third party intercepting all your traffic? Thanks but no thanks to this concept.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Yes exactly, I'm not feeling this stuff at all. I also didn't like Spikes:

    http://techcrunch.com/2013/08/09/spikes-builds-a-secure-browser-for-the-enterprise/
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    It sounds as though the proxy would have access to not only the decrypted HTTPS traffic but also the actual browser session and end-user activity:

    Which I think would make it of even greater concern in some scenarios. For example, there are various types of "online calculators, utilities, apps" that are Javascript driven and run entirely on the user's machine. A normal proxy would be able to tamper with the code when it is retrieved, but otherwise it wouldn't see how the user is using and interacting with such code. It sounds like the type of proxy being discussed here would "see it all". IOW: Seeing you load a financial calculator vs seeing you load a financial calculator PLUS seeing what information you entered (?).
     
    Last edited: Jun 10, 2015
Loading...