Security Message

Board for discussions around the Epyrus mail and news client.

Moderator: athenian200

BenFenner
Keeps coming back
Keeps coming back
Posts: 814
Joined: 2015-06-01, 12:52
Location: US Southeast

Re: Security Message

Unread post by BenFenner » 2025-03-14, 11:40

JoeyG wrote:
2025-03-14, 11:06
the client has a certificate problem
How do you figure that? :wtf:

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 37370
Joined: 2011-08-28, 17:27
Location: Motala, SE

Re: Security Message

Unread post by Moonchild » 2025-03-14, 12:07

JoeyG wrote:
2025-03-14, 11:06
The bad news is the problem still exists, exactly as with Norton.
Avast using the same kind of TLS interception (no surprise there) means you will have the same kind of problem. This is NOT a client problem. You can work around it by installing intermediate certificates in Epyrus but it will not solve the fundamental issue of breaking your TLS trust chain. It's inherent to the kind of "must inspect your encrypted data" setup they use.

Also, both Avast and Norton fall under the same corporate umbrella. See viewtopic.php?f=65&t=31970
"A dead end street is a place to turn around and go into a new direction" - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
Bilbo47
Lunatic
Lunatic
Posts: 321
Joined: 2017-11-18, 04:24

Re: Security Message

Unread post by Bilbo47 » 2025-03-14, 15:42

JoeyG wrote:
2025-03-14, 11:06
antipathy toward Norton ... Norton alone wasn't the culprit.
Agree. Just bc one of those system-mangling packages sucks doesn't mean the others don't.

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 5521
Joined: 2015-12-09, 15:45

Re: Security Message

Unread post by moonbat » 2025-03-16, 07:30

Off-topic:
There is no need for any separate anti-virus on Windows when there's MSE, provided you don't do dumb things like opening unknown attachments, downloading software from anywhere other than its official website or inserting USB drives of unknown origin while having autoplay enabled. The days of drive-by malware that can hijack your system with zero user intervention are long gone (they were an IE6 phenomenon), and social engineering is the primary way people get hacked these days. There's no antivirus substitute for common sense though, and it clearly isn't very common going by how often people continue to fall for phishing scams. Antivirus software with their constant subscriptions are just a tax for being dumb online.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

User avatar
JoeyG
Astronaut
Astronaut
Posts: 674
Joined: 2017-06-12, 13:27
Location: How can you be in two places at once, when you're not anywhere at all?

Re: Security Message

Unread post by JoeyG » 2025-03-16, 08:38

Ummm, my wife also uses Norton, but she uses Thunderbird. She doesn't have the problem.

My guess is that no one who doesn't use Epyrus has the problem.

Maybe my logic is overly simplistic, but since - as indicated by the input here in the forum - the issue seems to be restricted to Epyrus, l've drawn my conclusion.
"And you can believe me because I never lie - and I'm always right."
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 37370
Joined: 2011-08-28, 17:27
Location: Motala, SE

Re: Security Message

Unread post by Moonchild » 2025-03-16, 11:33

JoeyG wrote:
2025-03-16, 08:38
Ummm, my wife also uses Norton, but she uses Thunderbird. She doesn't have the problem.
You're forgetting that antivirus packages when installing likely have certificate installation routines for the most commonly used mail clients. Your wife likely has her email connections hijacked by the antivirus without even knowing.
"A dead end street is a place to turn around and go into a new direction" - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
JoeyG
Astronaut
Astronaut
Posts: 674
Joined: 2017-06-12, 13:27
Location: How can you be in two places at once, when you're not anywhere at all?

Re: Security Message

Unread post by JoeyG » 2025-03-21, 18:09

Although l still have 443 days on my Norton subscription and a year on a one-year Avast sub l recently bought on ebay, l gave up and bought 18 mo.
of Bitdefender. It's a waste of money, but the aggravation finally got to me.
"And you can believe me because I never lie - and I'm always right."
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version

User avatar
Bilbo47
Lunatic
Lunatic
Posts: 321
Joined: 2017-11-18, 04:24

Re: Security Message

Unread post by Bilbo47 » 2025-03-22, 18:56

Closer to the original post in the thread: The other time I get cert dialogs that look like this is when the IMAP server legit updates its cert every x-months, *and* EP was connecting to it using a DNS name that's not listed in the cert. In other words, the cert contains the server's real name, but DNS entries may contain a different name.

So when connecting to the server by its real name, the cert validates without this dialog.
But when connecting to the server by its name listed in DNS, the cert is considered not-valid, so the dialog appears.
Not sure what happens when connect to the server by its IP address.

It this the right way of understanding it, or is there anything I'm missing?