Violation Type:Software Connection Hijacking

From Violations Tracker
Revision as of 23:44, 8 September 2016 by HLandau (talk | contribs) (Created page with "{{Violation Type|abbr=SHIJACK|cat=Violation Types}} A piece of software on an end system performs a Man-in-the-Middle attack on connections, supposedly for a benign purpose. T...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Violation Type
SHIJACK

Software Connection Hijacking

Violation InstanceViolator
Avast Antivirus/V2Avast Antivirus


A piece of software on an end system performs a Man-in-the-Middle attack on connections, supposedly for a benign purpose. This will usually involve installing a custom root CA in the system's trust store, so as to enable the interception of TLS traffic.

This practice is hazardous. It obfuscates the true certificate issuer and prevents browser security features such as certificate pinning from working correctly. See also the ISP equivalent, NHIJACK.