HTTPS Interception — How To Use It Without Concern

by Lior Rozen

Network privacy is making its way more and more into the news these days. As much as we are eager to share and get responses to our personal moments on social media, we are even more eager to protect our private data. The privacy concern has become even stronger ever since we discovered as part of the Snowden revelations that the U.S. government (as well as others) is actually inspecting all internet communication.

Keeping privacy poses a challenge for organizations, who try to balance their employees’ privacy and corporate security. Privacy is very important. Protecting an organization’s intellectual property is also important, and so is the need to detect malware and data leakages. In many cases, such balance is achieved by inspecting some of the encrypted communication of the organization’s employees to the internet. The inspection is done automatically by security tools, which are designed to detect malwares without saving or checking the application content. Recently, this technique got a hit from US-CERT (United States Computer Emergency Readiness Team), advising that such inspection, also called HTTPS interception, is weakening security.

In this post, I would like to examine the benefits of HTTPS interception, as well as the risks it introduces. We will see that HTTPS interception gives a lot of power to the organization that deploys it, and quoting Spiderman’s uncle Ben — “with great power comes great responsibility.” However, much like in the Marvel world, we would like the good guys to have this power, and bear the responsibility, for the common good.

Read more: