Concerned about Man in the Middle Attacks

Sangie Nativus

New Member
So when testing my own website and verifying the Amazon SSL certificate I have installed, I was disturbed to find Firefox listing the certificate as AdGuard CA, not Amazon.

As a test, I went to Facebook.com and saw the same thing.

What this tells me is AdGuard has full plain text access to the session, logins, credit card info, etc. for any non-whitelisted websites that utilize SSL.

Even if I trusted AdGuard with my life, which I don't, this means that other malicious software could read the same information by reading what AdGuard can see.

I am highly concerned, and despite paying for the software, I'm considering uninstalling it.

Any thoughts?
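
The check described in the post above, comparing the issuer a client is shown with the issuer expected for the site, as an added example that is not part of the thread. It works on the dictionary returned by Python's `ssl.SSLSocket.getpeercert()`; the host name, the baseline and both sample certificates are constructed, and `fetch_peercert` is only needed for a live host.

```python
import socket
import ssl

# Constructed baseline: issuer names recorded for each host over a path with
# no HTTPS filtering (host names are placeholders).
BASELINE = {"shop.example": {"Amazon"}}

# Constructed samples in the format ssl.SSLSocket.getpeercert() returns.
DIRECT_SAMPLE = {"issuer": ((("countryName", "US"),),
                            (("organizationName", "Amazon"),))}
FILTERED_SAMPLE = {"issuer": ((("commonName", "AdGuard CA"),),)}


def issuer_names(peercert):
    """Collect the organisation and common name from the issuer RDNs."""
    return [value for rdn in peercert.get("issuer", ())
            for key, value in rdn
            if key in ("organizationName", "commonName")]


def fetch_peercert(host, port=443, timeout=5.0):
    """Return the leaf certificate this machine is actually shown for host."""
    ctx = ssl.create_default_context()  # validates against the default trust store
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()


def classify(host, peercert, baseline=BASELINE):
    """Compare the issuer seen locally with the issuer recorded for host."""
    seen = issuer_names(peercert)
    label = seen[0] if seen else "<no issuer name>"
    expected = {name.casefold() for name in baseline.get(host, ())}
    if not expected:
        return ("no-baseline", label)
    if any(name.casefold() in expected for name in seen):
        return ("direct", label)
    return ("re-signed", label)  # a different CA signed what the client sees


if __name__ == "__main__":
    for sample in (DIRECT_SAMPLE, FILTERED_SAMPLE):
        print(classify("shop.example", sample))
    # Live use: classify("shop.example", fetch_peercert("shop.example"))
```

A mismatch also appears when a site legitimately changes its CA, so confirm a "re-signed" result by recording the issuer again from a path without filtering.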
 

Administrator
Staff member
Hi!

First of all, here's a relevant article that explains everything about HTTPS filtering and how it works in AdGuard:
https://blog.adguard.com/en/everything-about-https-filtering/

> What this tells me is AdGuard has full plain text access to the session, logins, credit card info, etc. for any non-whitelisted websites that utilize SSL.
Just like any of your browser extensions. But unlike the extensions, AdGuard lets you choose what domains are whitelisted and must not be intercepted.

> Even if I trusted AdGuard with my life, which I don't, this means that other malicious software could read the same information by reading what AdGuard can see.
Hm, I think I don't fully understand what you mean. On both ends the traffic is encrypted: Client <-> AdGuard <-> Server.
Also, were I a malware author, I'd have chosen to access your browser as I am 100% sure that everything is decrypted there.
 

jposluns

New Member
With a man in the middle for SSL, and using AdGuard's certificate and trusted CA to replace the remote site, what sort of validation is performed on the remote certificate to ensure that it's valid, not revoked, etc.? If there is an issue with the certificate, do we have an option to have AdGuard trust a self-signed cert, custom CA, or other? I know I can just install the software and test that myself - but it's easier to ask, and get your thoughts on the matter like that ;-)

Purchased a license for iOS and love it when I'm out of the house. While at home I have pfSense's pfBlockerNG with mostly the same filters as AdGuard uses for the whole network (and MitM SSL from Squid).
 