<p>I <a href="https://www.lonecpluspluscoder.com/2015/08/05/smartphones-computers-need-regular-patching/">recently</a> blogged about Google and Samsung starting to offer regular security patches for their Android devices.</p>
<p>Some security researchers from UCSD <a href="http://www.wired.com/2015/08/hackers-cut-corvettes-brakes-via-common-car-gadget/">showed a proof of concept exploit via one of the dongles</a> that appears to be also used by car insurance companies to monitor your driving “to give you discounts for good driving”. I’m not really a fully paid up subscriber of the tin foil hat brigade but stuff like this makes me glad that I’m still opting for the old-fashioned way of paying…
<p>tl;dr - avast’s web shield functionality appears to insert itself into SSL connections using a self signed trusted root certificate and a simple kind of man-in-the middle “attack” on SSL. I would recommend you turn off web shield’s https scanning or choose another virus scanner.</p>