The Security Impact of HTTPS Interception

Zakir Durumeric,, Feb 08, 2017
Commentary by Stephen Downes

The state of web security is, um, awful. Specifically, with respect to HTTPS, here's what this pointed study reports: "we find more than an order of magnitude more interception than previously estimated, ranging from 4–11%." This was determined by studying different browsers, e-commerce sites, and content distribution networks. But worse, software installed by corporations to increase security may be making the network more vulnerable. "62% of traffic that traverses a network middlebox has reduced security and 58% of middlebox connections have severe vulnerabilities. We investigated popular antivirus and corporate proxies, finding that nearly all reduce connection security and that many introduce vulnerabilities." Via O'Reilly.

Views: 1 today, 1465 total (since January 1, 2017).[Direct Link]