How to block Microsoft from checking Certificates

Dear forum,

When I visit an “https” web site or a website that contains an “https” link, Windows always connects to Microsoft servers to check Certificates. I personally don’t like to give Microsoft a history of websites I visit. I thought I could use to Comodo to block this bevavior. Unfortuntately the checking is done through svchost.exe (Cryptographic Services). It looks like Comodo can not handle services. Is this correct?

I had posted this earlier, but it looks like I phrased the problem in a way that forums users were reluctant to help.

Thank you very much for any help in advance!
Dave

You could try making a rule for svchost but that would also effect other processes other than the cryptographic services that execute svchost. As far as I know it is not possible in Comodo to distinguish between the services that fire up svchost.

Are you using Internet Explorer? Try Opera browser or another alternative browser. They make their own certificate checks IIRC. When using XP SP1 you are tied to that horrible and insecure IE 6 browser. Please any other browser.

Even though you seem to be on a pirated XP version I would not be worried about privacy violations by Microsoft. They don’t use these things for tracking illegal versions last thing I know. For example even when on a pirated version of Windows you still would get security updates by means of the automatic updater. Microsoft is more concerned about keeping the online world secure than going after individual users (they get nagged by WGA etc into buying a legal version).

I think your privacy concerns are overrated. I think it is more important to get https certificates properly checked.

Thanks, for confirming that this is not possible. I hope comodo will implement this feature in the future. In the meantime I just turn off “Check server revocation” in IE)

I actually have a licensed vista version (otherwise I would block also windows update etc :wink:

Thanks again,
Dave

with windows xp pro this can be done by using the group policy editor . it specifically has a setting to prevent certificates from being updated.

Yes, I know now that you could configure it. However my question was how to do it with Comodo. But it is not possbile. I guess this is a weakness of CIS.

But I don’t want to complain, since Comodo is freeware … :wink:

Thanks,
Dave