The Biggest Sticking Plaster in Cybersecurity: SSL/TLS

It’s not a good protocol!

So, if I use a secure tunnel to my bank, everything is nice and secure? “Yes!” … if you use a VPN tunnel, and “No!” if you use HTTPS. The SSL/TLS tunnel is one of the weakest areas within computer security, as it only protects data as it goes from machine to machine, and does little to stop a proxy being set up on either end of the tunnel. Most good pen testers have a trusty proxy for SSL/TLS connections, and can easily break what is passed within the tunnel. Many companies, too, use smart firewalls which proxy the secure connection for the user, and thus determine the encryption keys used. These can then be passed to other networking devices in order to break the encryption.

So, as an example, I’m going to outline how this can happen using the Superfish vulnerability that affected Lenovo laptops, and how sloppy developers can be sometimes.

What’s the problem?

So why is HTTPS insecure? Because SSL is a simple fix that just acts to secure part of the network stack, and it is not too difficult to get in between the browser and the network connection, and trick the browser into thinking that it is connected to a valid site, with the digital certificate looking valid. This is a man-in-the-browser type of attack…
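
A defender can spot this kind of interception by comparing the certificate issuer a machine sees for each site against the issuer seen from a trusted, out-of-band vantage point. The sketch below is an added example, not code from the original article; the host names, issuer names and function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: issuer seen for each host from a trusted,
# out-of-band vantage point (baseline) and from the machine under test.
BASELINE = {
    "bank.example": "Public CA A",
    "mail.example": "Public CA B",
    "shop.example": "Public CA A",
}
OBSERVED = {
    "bank.example": "Local Intercept Root (constructed)",
    "mail.example": "Local Intercept Root (constructed)",
    "shop.example": "Public CA A",
}

def issuer_mismatches(baseline, observed):
    """Return {host: (expected, seen)} for hosts whose issuer changed."""
    return {
        host: (baseline[host], seen)
        for host, seen in observed.items()
        if host in baseline and seen != baseline[host]
    }

def suspected_interception_issuers(baseline, observed, min_hosts=2):
    """Issuers that replaced the expected issuer on at least min_hosts hosts.

    One mismatch can be a routine CA change; the same unexpected issuer
    across unrelated hosts is the pattern a TLS-intercepting proxy or a
    locally installed root certificate leaves behind.
    """
    hosts_by_issuer = defaultdict(set)
    for host, (_, seen) in issuer_mismatches(baseline, observed).items():
        hosts_by_issuer[seen].add(host)
    return {
        issuer: sorted(hosts)
        for issuer, hosts in hosts_by_issuer.items()
        if len(hosts) >= min_hosts
    }

if __name__ == "__main__":
    found = suspected_interception_issuers(BASELINE, OBSERVED)
    for issuer, hosts in found.items():
        print(f"{issuer!r} signed certificates for: {', '.join(hosts)}")
```
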

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice