Do you trust all HTTPS sites---The Rise in SSL-based Threats

Posted: 18 Feb 2017

Do you pay attention to the sites you visit, Do you feel safe if you see if you see the HTTPS or safe or secure symbol in your browser.

Overview:

The Rise in SSL-based Threats | Zscaler Blog

The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats.

I think the the blog post above is a reaction to this

A group of scientists from the University of Michigan, University of Illinois Urbana-Champaign, University of California Berkeley, International Computer Science Institute, as well as from Mozilla, Cloudﬂare, and Google, have published a report that reveals that HTTPS scanning can cause new security issues.

Nick Sullivan - The Security Impact of HTTPS Interception

The Security Impact of HTTPS Interception

As HTTPS deployment grows, middlebox and an- tivirus products are increasingly intercepting TLS connections to retain visibility into network traffic. In this work, we present a comprehensive study on the prevalence and impact of HTTPS in- terception. First, we show that web servers can detect interception by identifying a mismatch between the HTTP User-Agent header and TLS client behavior. We characterize the TLS handshakes of major browsers and popular interception products, which we use to build a set of heuristics to detect interception and identify the responsible product. We deploy these heuristics at three large network providers: (1) Mozilla Firefox update servers, (2) a set of popular e-commerce sites, and (3) the Cloudflare content distribution network. We find more than an order of magnitude more interception than previously estimated and with dramatic impact on connection security. To understand why security suffers, we investigate popular middleboxes and client- side security software, finding that nearly all reduce connection security and many introduce severe vulnerabilities. Drawing on our measurements, we conclude with a discussion on recent proposals to safely monitor HTTPS and recommendations for the security community.

Posted By: Digital Life
18 Feb 2017

lx07

Posts : 5,478
2004

New 18 Feb 2017 #1

I noticed tenforums has gone https again.

They tried it, it failed and went back to http. A year ago or so. Whatever was wrong was obviously resolved as now it is https again.

No I don't think so it is a problem unless you are using Wi-Fi on an airplane or something.

HTTPS is better than any alternative if you are happy with the network you are connected to is it not?

These guys seem to think so anyway.

tls - Is visiting HTTPS websites on a public hotspot secure? - Information Security Stack Exchange

If you connect to an unknown network then you are vulnerable to any mitm and there is nothing you can do about it. I suppose in that case a Google certificate may not be from Google but self signed ones made up by Gogo. Gogo issues fake HTTPS certificate to users visiting YouTube | Ars Technica
My Computer
- My Computer
Computer Type: Laptop
System Manufacturer/Model Number: Apple
OS: 2004
CPU: i7
Memory: 16GB
Graphics Card: Iris Pro
Monitor(s) Displays: 15"
Screen Resolution: 2880x1800
Keyboard: AZERTY
Quote

Subscribe to Thread

Related Discussions

Our Sites

Site Links

About Us

Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 05:34.

Find Us