4% to 10% of #web #encrypted #https traffic is intercepted

Overall we found out that HTTPS interceptions are more prevalent than expected (4% – 10%) and pose serious security risks as they downgrade the encryption used to secure web communications. Furthermore, the HTTPS implementations used for interception do not have the same automatic update mechanisms that browsers do, making fixes less likely to be rolled out. Intercepting middleboxes have also contributed to the delayed release of TLS 1.3 in browsers. It is our hope that raising awareness around this issue will help software vendors that rely on interception to realize the risks of this practice.

Sourced through Scoop.it from: blog.cloudflare.com


This is a technical article that sheds light onto a potential security risk that all digital professionals should be aware of as we generally assume that SSL and HTTPS will keep our conversations secure over the Internet.

Farid Mheir