The problem is not local proxy, but the way it was done. I would recommend you read the EFF article in detail to fully understand the issue.
Melih
I have read the EFF article in detail, the issue as I understand it is that SuperFish injected its own root certificate and used the same certificate for all the MITM attacks, hence if you get the private key for that certificate, then you can decrypt all traffic, now I'm asking how PrivDog is different because I don't know how to actually check it.
Is PrivDog doing something differently to make these kinds of attacks harder? In that case what does it do differently?
There are many legitimate uses of local proxy that many antivirus and content filtering vendors use, otherwise how could you check for viruses in an HTTPS session?
For browsers, which is what PrivDog filters, you can use browser extensions, which you used to do (but stopped since Chrome started blocking extensions outside of the web store)
The EFF article also says:
Using a MITM certificate to inject ads was an amateurish design choice by Superfish.3
3 A safer (but still risky) alternative would be for Superfish to implement its ad-injecting functionality using a browser extension.
Also, what viruses does PrivDog check for?
Also when using PrivDog I don't see the certificate that the site in question uses, I only see the PrivDog certificate, how can I then know that the certificate between PrivDog and the site in question is the real one and not a fake one? I can't, I'd have to rely on PrivDog picking that up, does PrivDog do that?