An advocate for the antivirus (AV) industry has warned security vendors to take heed of a call by Google, Mozilla and CloudFlare to back off inspecting encrypted traffic.
Security vendors need to clean up their acts on crypto if they're going to do traffic inspection, according to Martijn Grooten, editor of Virus Bulletin, an infosec publication for the AV industry by the AV industry.
In a blog entitled "Security products and HTTPS: let's do it better", he addresses recent criticisms of several major security vendors for endangering web users by mishandling Secure Sockets Layer (SSL) and Transport Layer Security (TLS) traffic inspection.
The SSL/TLS protocols are responsible for creating a secure, encrypted HTTPS connection between user software, such as browsers, and servers.
However, to monitor for malware, many antivirus and enterprise middlebox products intercept encrypted traffic, decrypt the session to analyze its contents, and then create a new TLS connection to the website.
The problem is that many security vendors have implemented this feature badly, creating a less secure connection for users than say Chrome or Firefox offer.
Security researchers from Google, Firefox maker Mozilla, and CDN provider CloudFlare drew attention to this problem in dozens of products from major security firms. The worst products severely break HTTPS connections due to using weak ciphers or not validating certificates.
These issues could expose users to a man-in-the-middle (MITM) attack where the attacker impersonates a website while the user is under the impression they have a secure HTTPS connection.
The researchers urged vendors to stop TLS interception because these security products already have access to the local filesystem, browser memory, and content loaded over HTTPS.
While Grooten still largely defends TLS interception as way of protecting PCs from malware, he admits "there is no excuse not to implement crypto properly, especially given that cryptographic libraries are available that make this a relatively straightforward task".
However, in defense of vendors, he says people who oppose TLS inspection on the grounds that it breaks the end-to-end principle of HTTPS are missing a key point.
"A compromise in one area of security could (sometimes) lead to improved security elsewhere, and thus a net win," he writes.
He goes on to argue that MITM attacks, while not impossible, are largely theoretical, whereas security vendors may be more concerned about the more concrete threat from exploit kits and malware, the threats their products are designed to block on behalf of customers.
"It just isn't that easy for an attacker to get that privileged network position, especially not compared with the many other ways in which they can get the information they are after," Grooten writes.
"And this may be the main reason why there are quite a few security products that don't implement TLS properly: it doesn't really impact their customers, at least not the vast majority of them."
Nonetheless, for vendors, the paper by Google, Mozilla, and CloudFlare, should be a wake-up call to fix TLS in their products.
"If the mostly theoretical threat isn't a good enough reason, then let papers like the one mentioned here be the threat model you're missing. After all, they are a PR embarrassment and hurt not just the affected products, but the industry as a whole."