News and Reviews > Official Announcements
Forum Upgraded August 30, 2015 - Report issues here
Ath:
You may be looking at an Avast (or other antivirus product) inserted certificate :o
--- End quote ---
Ath, can you explain, i don't get it.
-mouser (September 03, 2015, 10:11 AM)
--- End quote ---
Some AV programs insert their own certificate in your browser and man-in-the-middle your HTTPS connections in order to be able to scan/filter them.
The ones I've seen are usually not using the best encryption, probably because they only serve to re-encrypt the traffic locally for your browser.
-Jibz (September 03, 2015, 10:58 AM)
--- End quote ---
^This.
After the forum-upgrade there where https-issues, then I looked at what FF reported on the certificate, and I saw both SHA-1 and SHA-256 encryption listed. After the https-issues where resolved I didn't check anymore, but now I only see SHA-1 encryption listed, even with Avast https checking enabled :huh: Must have been related to the https-issues then.
The Avast mitm fake-CA reports SHA-256 encryption for itself, though.
JavaJones:
Separating posting my feature/fix request: I am very happy to see images popping up in lightboxes now (though I have yet to see whether images posted "full size" still can cause huge scroll bars in posts, a separate problem that I think needs its own solution). However I think the pop-up should be closeable by simply clicking on the background/outside of the lightbox, as is true in most other lightbox implementations. It increases usability and speed/ease of use quite a lot.
- Oshyan
MilesAhead:
Perhaps not an "issue" with the technical revamping of the forum. But it may be a good time to comment on something that has struck me. When looking through New items/posts sometimes I notice something about NANY 2014 or even NANY 2013 in a big headline. It just seems like it may give a newb the impression that stuff has not been updated for some time.
Like if I go to a programmer's page and see the latest updates for utilities are 2010 then I figure there will not be any more updates. I wonder if anyone casually perusing for the first time sees the date and just leaves figuring it is old news?
mouser:
However I think the pop-up should be closeable by simply clicking on the background/outside of the lightbox, as is true in most other lightbox implementations. It increases usability and speed/ease of use quite a lot.
-JavaJones (September 03, 2015, 02:54 PM)
--- End quote ---
should be working now.
ewemoa:
Thanks Ath.
You may be looking at an Avast (or other antivirus product) inserted certificate :o
-Ath (September 03, 2015, 10:04 AM)
--- End quote ---
In the local FF installation, Tools -> Page Info -> View Certificates brings up a dialog box with two tabs with titles "General" and "Details". The image you posted looks like it's from (or very similar to) the content of the Details tab. I was looking at the General tab.
The bottom-most section of the General tab is titled "Fingerprints" and it lists SHA-256 and SHA-1. May be one or both of those values are computed by the browser and not "extracted" / "obtained" from the ceritifcate?
At any rate, as you pointed out, it seems the certificate only mentions SHA-1, so may be that's not so great in the medium to longer term.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version