The Risks of SSL Inspection

Will Dormann from the CERT Division of the Software Engineering Institute takes a close look at SuperFish and PrivDog and finds out that:

  • The capabilities of SSL and TLS are not well understood by many.
  • SSL inspection is much more widespread than he suspected.
  • Many applications that perform SSL inspection have flaws that put users at increased risk.
  • Even if SSL inspection were performed at least as well as the browsers do, the risk introduced to users is not zero.

Read the full analysis here – http://www.cert.org/blogs/certcc/post.cfm?EntryID=221

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top