The story link is to an opinion based on a summary page that was written for a security research paper, so I’m suggesting “rant”. The source material is pretty interesting, however.
If you aren’t into computer or network security, you might not realize that SSL data can be legitimately intercepted and scanned for vulnerabilities by your security systems. The authors of the paper explore how prevalent that has become.
Here’s a link to a summary page written by one of the authors of the paper:
Understanding the prevalence of web traffic interception
And here’s a PDF link to the actual paper, which is the better read:
The Security Impact of HTTPS Interception
I think the conclusions they make about prevalence of malware may not be justified by the data, given that they identified 24 different legitimate scanning systems but could only fingerprint six of them, but I agree strongly with the final conclusion: if you are going to install a network middlebox, you’d better make absolutely sure that you are comfortable with how it handles its end of the connection security. These products may apply different security standards, and many of them are not an upgrade over what an endpoint might do on its own.
You don’t have to be one of those dreaded “capitalist bootlicker apologists” to recognize that inspecting inbound and outbound traffic (of their devices on their network) makes sense from a security perspective.
What percentage of CloudFlare traffic is man in the middled? 100%. Fortunately that’s never resulted in any security problems…