Your connection is not private

Why does this keep happening time and time again after an CIS update?

And it’s for all my browsers. Weird. I fight and fight and sometimes don’t remember exactly what I do to get it fixed I try so many things. This ends up taking days to resolve and I use my computer a lot, and not for entertainment either.

Here is the error on Dragon browser,

[b]Your connection is not private

Attackers might be trying to steal your information from www.google.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID

www.google.com normally uses encryption to protect your information. When Comodo Dragon tried to connect to www.google.com this time, the website sent back unusual and incorrect credentials. Either an attacker is trying to pretend to be www.google.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Comodo Dragon stopped the connection before any data was exchanged.

You cannot visit www.google.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.[/b]

Other websites work fine, but any search engines like Yahoo, whatever, same problems. Or a few other websites give the same error but most work. For example I’m able to post here!

I go to “Google” on my Internet Explorer and IE browser,…
There is a problem with this website’s security certificate.

Why does this happen almost every time I do an update on CIS?

What does it say is the cert authority for Google?

Not sure how to find out “cert authority” but no pop-ups happen giving out that information.

I would GOOGLE it, but my browser won’t let me! LOL

Actually all joking side, if you type in the word “danger” anywhere inside the browser (you won’t see your typing though) and then hit enter, it bypasses the stupid error and lets you go to Google. Of course you have to keep doing that for each Google page. Any other websites you go from Google are fine, no bypassing needed.

Isn’t that a handy little secret?

Only comes in handy in a situation like this, otherwise not recommended.

Okay, think I figured it out on how to get cert info…

Here is what happens when I click on Dragon Browser in the address window where the little red x and the slash through the https:// is, but like I say, this is for all browsers and not sure how to access it from those yet. Here’s Dragon,…

[b]Windows does not have enough information to verify this certificate.

Issue to: www.google.com
Issued by: PrivDog Secure Connection Inspector CA
Valid from 11/12/2015 to 2/9/2016[/b]

I already have my PrivDog browser “extension” turned OFF.

But maybe just having it installed on my computer is effecting all browsers?

Been down this path as possible source of problem, thus already having it turned off in Dragon. But I wonder,…hmmm

Heck, I may uninstall it and see what happens then. Hate to, but I’m not using it at least in this browser. May try it later if no one chimes in with any other good ideas or solutions.

Do you have the standalone PrivDog application installed?

No, and I’m not sure where I got it from. Believe it may have just come with the HP laptop pre-installed.

Haven’t uninstalled it yet. Just got back home and about to start into working on solving the riddle of what’s going on here.

Control panel/programs shows “PrivDog” and “PrivDog 2 Legacy Browser Plug-ins”

It seems you have the standalone PrivDog application, in your case I’d recommend uninstalling it since it’s probably causing your issues.

No, don’t think it’s PrivDog.

Did a Windows Update after a cold boot, then Java update. Now suddenly all browsers are working fine except Dragon.

This is strange stuff. Not to mention a big gigantic hassle.

Enabled my Comodo web inspector extension -previously disabled- and this is what came up with that reading:

(if anyone can make heads or tails out of it, I did highlight a few items that stood out to me)

I think I’m not going to spend to much more effort on this. More than likely I’ll just stop using Dragon if it’s this much trouble. Geez.

COMODO SSL Analyzer
v1.0.8

Report for: www.google.com

Certificate Details
Common Name www.google.com
Alternative Names
Click a Name to crt.sh (search) for all publicly logged certificates
www.google.com

Subject Name
commonName=www.google.com
organizationName=Google Inc
localityName=Mountain View
stateOrProvinceName=California
countryName=US

Serial Number 5E962EFD88A61399
Fingerprint (SHA-256) 3492591DE1FC3816160E026AEDEF09BB7794505553C4357EE8F55E814BE3321F
Valid From Thu, 12 Nov 2015 18:27:01 GMT
Valid To Wed, 10 Feb 2016 00:00:00 GMT (Expires in 79 days)
Key RSA (2048-bit)
Signature SHA-256 / RSA
Issuer Name
commonName=Google Internet Authority G2
organizationName=Google Inc
countryName=US

Issuer Brand Google
Validation Type Organizational Validation (OV)
Trusted by Microsoft? Yes
Trusted by Mozilla? Yes
Certificate Status Details
OCSP “Stapling” Not Supported
Server Details
Software sffe
IP Address 216.58.196.100
Port 443
Hostname maa03s19-in-f100.1e100.net
Clock (ServerHello.gmt_unix_time) Sun, 22 Nov 2015 20:22:11 GMT (Accurate)
Clock (HTTP “Date:” header) Sun, 22 Nov 2015 20:22:12 GMT (Accurate)
Protocol Versions
TLS v1.2 Supported Immune to TLS POODLE attack
TLS v1.1 Supported Immune to TLS POODLE attack
TLS v1.0 Supported Immune to TLS POODLE attack
SSL v3.0 Supported Vulnerable to SSLv3 POODLE attack INSECURE
SSL v2.0 Not Supported
Protocol Features / Problems
Downgrade Protection (TLS_FALLBACK_SCSV) Supported
Secure Renegotiation (Server-initiated) Supported
Secure Renegotiation (Client-initiated) Not Supported
Legacy Renegotiation (Client-initiated) Not Supported
Compression Not Supported Immune to CRIME attack
Heartbeat Not Supported Immune to Heartbleed attack
Session Resumption Supported
Session Tickets Supported
TLS Extension Intolerant? No
Cipher Suite Negotiation Bug? No
Cipher Suites Enabled
Name (ID) Key Size (in bits)
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCC13) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F) 128 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013) 128 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xC011) 128 ECDH 256-bit (P-256) WEAK (RC4 )
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9C) 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2F) 128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3C) 128
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112
TLS_RSA_WITH_RC4_128_SHA (0x5) 128 WEAK (RC4 )
TLS_RSA_WITH_RC4_128_MD5 (0x4) 128 WEAK (RC4 )

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xC030) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xC028) 256 ECDH 256-bit (P-256)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xC027) 128 ECDH 256-bit (P-256)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9D) 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3D) 256
Miscellaneous
Report Date Sun, 22 Nov 2015 20:22:10 GMT
Report Duration 30 seconds

I had similar issues.

To resolve this:

  1. Please close all browsers then uninstall Privdog
  2. Navigate to the sites affected again
  3. If this has not solved the problem, close all browers and go to Control panel ~ administrative tools ~ services ~ Privacy Content Firewall service ~ Properties, and stop the service.
  4. If it will not stop disable it and reboot
  5. In a command widnows with admin privs type:
    sc delete “Privacy Content Firewall”
  6. In Windows Explorer Navigate to %appdata%
  7. Delete the AdtrustMedia folder
  8. Reboot. Check affected site in your browser - the problem should now be gone

Awesome Mouse1,

I came back to post my solution after so many days and my temporary work-arounds and saw your post ONLY TWO DAYS AGO!!!

How bout dat?

Thanks for the info, and your solution matched mine perfectly. Step one in fact. Surprised me how much PrivDog effected my PC, because now it’s cracking like lightning. Just uninstalled PrivDog yesterday. Really didn’t think that was the main problem there for a while but sure enough, I guess it was.

Noticed it was not the latest version, so maybe I’ll experiment with installing the new version one day when I have nothing better to do. I like the idea of an extra layer of protection but if the cost is that it messes around with too many other things, then I’ll have to pass.

Couldn’t find any “Privacy Content Firewall service” by Start/Task Manager/ and the Services tab, so I guess that’s not a factor for my computer. But I looked just for curiosity sake. And being a geek. :wink:

Thanks again for your post. Hope this helps someone out there with this maddening problem.

Technology is so cool,…

when it works.

Glad to be of help - actually one of the Comodo devs gave me the solution.

Thanks for the info, and your solution matched mine perfectly. Step one in fact. Surprised me how much PrivDog effected my PC, because now it's cracking like lightning. Just uninstalled PrivDog yesterday. Really didn't think that was the main problem there for a while but sure enough, I guess it was.
That's good. On my machine the uninstall said it completed, but actually failed to remove the service due to a timeout stopping the service I think, or possibly due to the fact that I had earlier removed the certificate.
Noticed it was not the latest version, so maybe I'll experiment with installing the new version one day when I have nothing better to do. I like the idea of an extra layer of protection but if the cost is that it messes around with too many other things, then I'll have to pass.
Yes the uninstall problem I had was suggestive of an early version. Later versions, eg I think it is now installed with Dragon seem not to cause people problems. But we cannot be sure - maybe there is a software conflict on both our machines. So proceed with caution and take a restore pt if you decide to re-install.
Couldn't find any "Privacy Content Firewall service" by Start/Task Manager/ and the Services tab, so I guess that's not a factor for my computer. But I looked just for curiosity sake. And being a geek. ;)
It's the main proivdog service - your uninstall must have been successful
Thanks again for your post. Hope this helps someone out there with this maddening problem.

Technology is so cool,…

when it works.

NP - hope all goes well for you.