How does Avast's https scanning feature work? Is it basically a MITM attack? This feature was enabled in the 2015 version released a few days back
• HTTPS scanning
Now, we are able to detect and decrypt TLS/SSL protected traffic in our Web-content filtering component. We are using our own generated certificates that are added into the Root Certificate store in Windows and also into major browsers. This feature will protect you against viruses coming through HTTPs traffic as well as adding compatibility for SPDY+HTTPS/ HTTP 2.0 traffic. You can tune/disable this feature in the settings section.