The Security Impact of HTTPS Interception

Zakir Durumeric, et.al., Feb 08, 2017
Commentary by Stephen Downes
files/images/security.PNG

The state of web security is, um, awful. Specifically, with respect to HTTPS, here's what this pointed study reports: "we find more than an order of magnitude more interception than previously estimated, ranging from 4–11%." This was determined by studying different browsers, e-commerce sites, and content distribution networks. But worse, software installed by corporations to increase security may be making the network more vulnerable. "62% of traffic that traverses a network middlebox has reduced security and 58% of middlebox connections have severe vulnerabilities. We investigated popular antivirus and corporate proxies, finding that nearly all reduce connection security and that many introduce vulnerabilities." Via O'Reilly.

Views: 0 today, 1346 total (since January 1, 2017).[Direct Link]