- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Tue, 31 Mar 2015 02:00:23 +0100
- To: Adrien de Croy <adrien@qbik.com>, Xiaoyin Liu <xiaoyin.l@outlook.com>, Dan Anderson <dan-anderson@cox.net>, "Walter H." <walter.h@mathemainzel.info>
- CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 31/03/15 01:07, Adrien de Croy wrote:

> > With MitM all bets are off

Seems to me that claims of the prevalence of MitM are somewhat exaggerated. The last study I recall of those in the wild found about 0.41% of requests affected. [1]

So I think any argument of the form "don't do X to try to be more secure or private, since the prevalence of MitM implies X is pointless" ought to be considered bogus at the ~99.5% confidence level, at least according to [1].

I also note that [1] found that those few unfortunate victims of the MitM attack are terribly served between UA and MitM, as they saw a bunch of short RSA keys (with no PFS) used. And one would expect that to be the case, as a supposedly "benevolent" MitM will generally decide to prefer crap security so that their always-negative performance impact is minimised. (Seeing commensurate security on both sides of the MitM might even be considered as indicative that the MitM is more likely malicious and not benevolent? I've not seen that measurement so far as I recall, so I'm just speculating there.)

Are there better studies out there with better figures? If not, and 0.41% of crappy security that you get with real deployments of MitMs is the norm, then we ought to be doing more than ignoring the MitM deployments - we all (and browsers!) should be yelling loudly about 'em as we trip over their victims.

Cheers,
S.

[1] http://arxiv.org/abs/1407.7146
Received on Tuesday, 31 March 2015 01:01:05 UTC