/plushcap/analysis/cloudflare/understanding-the-prevalence-of-web-traffic-interception

Understanding the prevalence of web traffic interception

What's this blog post about?

A study published at NDSS 2017 found that between 4% and 10% of web's encrypted traffic (HTTPS) is intercepted, posing serious security risks as they weaken the encryption used to secure communications. Interception products often impersonate websites without users' knowledge by adding their own "root" certificate to the computer trust store. The study also revealed that while not always malicious, web traffic is primarily intercepted for two reasons: improving security and performing malicious activities. Furthermore, HTTPS implementations used for interception do not have the same automatic update mechanisms as browsers, making fixes less likely to be rolled out.

Company
Cloudflare

Date published
Sept. 12, 2017

Author(s)
Guest Author

Word count
1667

Language
English

Hacker News points
12


By Matt Makai. 2021-2024.