This morning, some users have been reporting — and we’ve witnessed first-hand — a combination of issues with antivirus programs leading to not being able to access Google sites, including Gmail.
Update: An Avast representative has stated that the update is complete and should be rolling out to devices now. But disabling the feature may still be worth considering (see below).
Firefox browser users with certain antivirus software like AVG and Avast are currently unable to open dozens of pages around the internet. The symptoms of this issue are clear; some users are unable to visit the Secure versions of Google sites. Those running into the issue are greeted with the following error message: “SSL_ERROR_RX_RECORD_TOO_LONG”.
The issue has to do with the way that Avast and AVG scan secured HTTPS web traffic before giving it to the browser. From Mozilla’s support page on the topic:
Avast and AVG products may not be ready for the most recent and secure TLS 1.3 specification used in the latest versions of Firefox. As a result, Firefox users may see intermittent Secure Connection Failed error pages on secure websites such as Google and others.
Avast already has “a fix for that and are just testing it,” according to representative Lukas Rypacek, and it will be released “in the next 24 hours.” In the meantime, Mozilla recommends disabling Avast/AVG’s HTTPS Scanning features, to continue using your normal sites.
Antivirus vendors need to stop doing this. Intercepting HTTPS is not OK.