The Cost of the "S" In HTTPS

An anonymous reader writes Researchers from CMU, Telefonica, and Politecnico di Torino have presented a paper at ACM CoNEXT that quantifies the cost of the "S" in HTTPS. The study shows that today major players are embracing end-to-end encryption, so that about 50% of web traffic is carried by HTTPS. This is a nice testament to the feasibility of having a fully encrypted web. The paper pinpoints also the cost of encryption, that manifests itself through increases in the page loading time that go above 50%, and possible increase in battery usage. However, the major loss due to the "S" is the inability to offer any in-network value added services, that are offered by middle-boxes, such as caching, proxying, firewalling, parental control, etc. Are we ready to accept it? (Presentation can be downloaded from here.)

Not Slashdot!

[Charliemopps]

Are we ready to accept it?

Slashdot certainly isn't ready!

Re:Not Slashdot!

[Anonymous Coward]

Yes, clearly we must urgently encrypt all slashdot communication so that no-one can read the posts!

Re:

[Charliemopps]

Yes, clearly we must urgently encrypt all slashdot communication so that no-one can read the posts!

Given that this sites primary purpose is social commentary of the news, encryption's probably more important here than just about anywhere else.

Re:Not Slashdot!

[zidium]

Worry not, Comrade!

HTTPS will come to Slashdot after UTF-8 arrives and the Usable Slashdot interface is retired.

In the meantime, why don't you come join us at https://pipedot.org/ [pipedot.org]? It has both UTF-8 and SSL support already.

Re:Not Slashdot!

[Raumkraut]

In the meantime, why don't you come join us at https://pipedot.org/ [pipedot.org]? It has both UTF-8 and SSL support already.

And for that matter so does Soylent News [soylentnews.org], which is even based on the same codebase as Slashdot!

Re:

[account_deleted]

Comment removed based on user account deletion

Those aren't the services you're looking for

[Overzeetop]

"in-network value added services"

I just read that as "advertising".

Besides, I though most of the internet traffic was netflix now. Is that all done https in a way that distributed caches are infeasible? I understood that the caching was pretty robust for their traffic.

Re:Those aren't the services you're looking for

[yakatz]

It includes things like local caching which was once important, but probably isn't anymore.

Re:Those aren't the services you're looking for

[Qzukk]

Legitimate local proxies will have the clients configured to use them and will work fine with https.

Re:Those aren't the services you're looking for

[petermgreen]

In my experiance most proxies legitimate or otherwise just pass https through without caching it.

It's certainly possible to set up a proxy that decrypts and hashes https but it has a number of issues.

1: legal, in some jurisdications it may not be legal to interfere with the encryption of certain types of traffic or may make you liable if the information you decrypted leaks out.
2: client configuration, you have to explicitly add the certificate for every client. Having unmanaged client machines is not mutally exclusive with a legitimate desire to cache data.
3: security, your proxy just became a massive target for anyone wanting to attack your users.

Re:

[Eunuchswear]

My experience with telephone company provided local caching is that it usualy makes the web unusable, If I can get at a service via HTTP or HTTPS then quite often the HTTPS works where the HTTP will either give you nothing, or just the start of the page,

(This was on Free Mobile, in France).

Re:

[petermgreen]

Caching at the phone company is kinda pointless. The time you want proxy caching is when you have a fast local network behind a slow wan and want to reduce the traffic over the WAN.

Afaict the purpose of the phone companies proxy's is not caching. It's purpose at least in my experiance is to reduce bandwidth on the mobile network by reducing image quality.

Re:

[AmiMoJo]

Netflix gives servers to ISPs to host inside their networks for "caching". It's not really caching, it's just distributing their servers more widely.

Re:

[dave420]

It most certainly is caching - it's a method called "push caching". The servers act just as caches, but the content is pushed to them from Netflix rather than stored when a client first accesses it.

Let's generalize that.

[jhantin]

More generally, CDNs aren't "in-network services" in the same sense as middleboxes and thus aren't hampered by TLS. When properly deployed they don't sit between the page server and the browser, but rather the page server links to CDN URLs for images, scripts, and other referenced content. From that standpoint they are essentially just another farm of web servers specialized for static content.

The "in-network services" TFA talks about can only work because they can freely inspect, collect copies of, trans

Re:

[Sir_Eptishous]

My thoughts exactly.
Good lord, with the IoT, and any other "value added" krap out there, are we to expect even a moment away from ads?

Re:

[fuzzyfuzzyfungus]

Some of them are even worse than advertising; but, yeah, "value-added services" is weasel speak for all the ghastly things that your telco would like to do to your perfectly good dumb pipe in order to charge you more for it. (In the same way that the recently revealed custom of injecting tracking IDs into the HTTP headers of traffic passing over some providers', like Verizon's, mobile data networks is called "HTTP Header Enrichment".)

Breaking that shit isn't a cost of HTTPS, it's one of the major reasons

Value added? More like value subtracted.

[sinij]

Value added? More like value subtracted for most of the things on your list.

Plus, you are ignoring the fact that nobody is planning to encrypt content like video streaming.

Re:

[jhantin]

Plus, you are ignoring the fact that nobody is planning to encrypt content like video streaming.

Remind me again why big corporations have been making a huge uproar about allowing unencrypted content? Oh yeah, DRM. ;-)

Re:

[trigeek]

Actually, as the paper indicates, Youtube is encrypting most of their delivered content.

Yes

[buchner.johannes]

Caching: You can not cache Facebook for example, because the content is generated differently for every user. Youtube goes through great lengths to prohibit caching (e.g. with Squid) in the first place.
Proxying: You can proxy https just fine.
Firewalling: You can firewall https just fine.
Parental control: You can block websites just fine, either via DNS or IP.
I suspect they mean snooping for "copying that companies don't approve of" and "freedom fighters" here. And child pornography. It's kind of the point of HTTPS that it should be private. So yes, I can accept these costs.

Re:

[Doug Otto]

I believe the "Firewalling" comment was likely in regard to packet inspection, not port filtering.

Re:

[Rob Riggs]

Packet inspection is certainly possible. You proxy all traffic either explicitly or via one of the many MITM SSL deep packet inspection products. Surreptitious packet inspection is not possible. And that's a *very* good thing.

Re:

[MightyYar]

You can even cache, if you have access to the certs on the client. Google "squid in the middle". Any school or work environment with legit reasons to filter or cache content still can.

Re:Yes

[Aethedor]

Caching: You can cache Facebook's images, stylesheets and Javascripts just fine.
Proxying: Not just fine. You need a man-in-the-middle proxy for that and its root certificate installed on every client. Otherwise, it's just routing, not proxying.
Firewalling: Firewalling based on hostname / port, yes. Firewalling based on bad content (malware), no.
Parental control: Same as firewalling. And blocking this kind of content is not only done by IP address, but often also by words in the hostname. This cannot be done when you can't read the hostname in the HTTP request.

Re:

[ottothecow]

Why can't you cache facebook?

Sure, nothing on there is a static page, but if a million people are sharing the same 1MB image, you can still cache that. The text after "So and So shared..." will change, and the comments/likes will change, but somewhere there is a jpeg that keeps getting reused. Not everything makes sense to cache, but for things like images shared by George Takei, caching them once at the ISP or corporate network level could stop many gigabytes of external transfer.

Re:

[tom17]

Even for lower use images, caching them closer to the poster could be helpful given that their circle of friends is likely, statistically, to be in the same region. One image alone would not make much difference in this case, but millions of low use images mostly coming from caches closer to most of the people viewing them would make a huge difference.

Re:

[Anonymous Coward]

It is disingenuous to make a blanket statement "you can not cache Facebook". After all, what takes up the most "data" on the page? It is between images and scripts. Neither of those is unique per user. When someone posts an image, all viewers of the image see the same image. It can be cached. Same with the javascript. It is just the unique parts of the page that can't be cached...

Re:

[Austerity Empowers]

Ad injection, webpage redirection. "Value add" for network owners, not end-users. Fuck em.

Use COPPA as an excuse not to encrypt

[tepples]

Then block all HTTPS until age 13. The only sites you need HTTPS for are the ones that require a login, and COPPA and foreign counterparts make it very hard to offer logins to children under 13.

Re:

[bunratty]

I would say that any site that allows downloads of executable content also needs HTTPS. Otherwise, a middleman could install malware in your downloads nearly as easily as they could see your passwords.

Block executable downloads until age 13

[tepples]

I would say that any site that allows downloads of executable content also needs HTTPS.

I agree. So let's require parental elevation to download an executable until the child graduates from parental controls. The child won't have administrative privileges to install software anyway.

Re:

[AmiMoJo]

Right, because children under 13 don't deserve any privacy anyway. Or email. Or game accounts.

Whitelisting

[tepples]

Please help me understand why whitelisting is not enough.

Right, because children under 13 don't deserve any privacy anyway.

If children aren't submitting any personally identifying information (PII), what privacy is to be had? It's already illegal for a web site to collect PII from children under 13 without a parent's consent. If a parent consents to a site's collection of a child's PII, the parent can whitelist the site.

Or email.

The child clicks the send button in a native e-mail app on the computer (not webmail), and then the parent reads the outbox and approves each message as a

Re:

[Bengie]

Sounds like a great way to lose the trust of your child. Enjoy being put in a "home" when you get old enough.

Re:

[tom17]

Except modern browsers and servers support SNI, so the hostname is now sent as plaintext on the network.

Re:

[Bengie]

Just wait until IPv6 with IPSEC becoming standard. All you will see is a Layer 3 packet with no indication of protocol or port number. All layer 4 data is encrypted.

Euphemism: 'Value-added services'

[kheldan]

Oh, you mean like targeted ad injection and other MITM type garbage? That's fine, you can keep those anyway.

Cost of certificates

[bunratty]

The other cost of the S is the difficulty in obtaining and using certificates that are recognized by browsers without bothering the user. That's why the Let's Encrypt [letsencrypt.org] project is trying to make it free and easy.

Re:Cost of certificates

[bunratty]

You can get SSL certificates for free, but they're WAY more difficult to use than they need to be. I've installed certificates before, and it's a bunch of tedious, boring, repetitive work. What are computers for but to automate tedious, boring, repetitive work!? The computer should handle all work for me, and all I should have to do is click a button, for chrissake! That's what Let's Encrypt does.

Re:

[hcs_$reboot]

they're WAY more difficult to use than they need to be.

That's probably in order to justify the price, I mean for the non-free ones (to be recognized by most browsers)? A cert takes less than a $0.01 to be made, they're sold between $30 to $1000...

Re:

[tom17]

With StartSSL the actual cert generation is easier than that as they create the key on their server first and they ask for the forms on the site. No CSR is needed, though you can do it that way if you wish.

What is a tiny bit annoying is their authentication - you need a client authentication cert installed on your browser. Not hard in itself, but annoying if you have let the old one expire as they then need to review your request for a new one.

One other thing is verification that you own the domain, through

Aw man! I wanted to inject adverisments!

[thevirtualcat]

Yes. Please. HTTPS all the time, everywhere.

It's one thing when the free WiFi at the shady computer store down the street does it. But even for-pay WiFi hotspots are doing it now. (Looking at you, Southwest Airlines In-flight WiFi...)

Slashdot?

[jones_supa]

When will Slashdot catch up? I still can't use this site in HTTPS without subscribing. Being able to browse securely is a standard feature these days.

Re:

[wiredlogic]

We're still waiting for the Unicode support that was already implemented in slashdot.jp years ago.

Re:

[jones_supa]

Acchh, indeed...damn I'd want Unicode support too...

Re:

[jones_supa]

It sounds like that in your workplace your browser connected to the proxy using HTTP and asked the proxy receive the actual page using HTTPS.

What about the cost of NOT having it?

[RivenAleem]

What is the cost to the user of having their communications intercepted, banking details stolen etc etc.

That's like saying that putting locks on your doors has an added cost of you requiring more time every day getting in and out because you have to take time to turn a key. It also means that local corporations can't send people by to inject "value added" services into your home without your consent! Are you ready to accept locks on your doors?

Re:

[RivenAleem]

Oh, I get you! We should only put locks on specific areas of our house. Leave the front door unlocked, but perhaps have a lock on the bedroom and bathroom. After all, there should be no real reason why the contents of your fridge should be kept secure, and if your local supermarket was allowed send in staff members to people's houses at random (or targeted if they notice you haven't been shopping with them lately) to check where you have been shopping recently and what you have been buying, so they can deli

WTF...

[EndlessNameless]

Stupid article. Making a mountain out of a mole hill.

How hard is it to push a certificate to your clients so they trust your proxy? How hard is it to setup a cache there? And monitoring/filtering? Not very hard.

We do this at work, and it is dead simple for halfway competent admins to implement.

What this really does is stop telecoms from monkeying with their users' traffic. By default, anyway.

Most ISPs provide Windows installers/optimizers to their users, which their users dutifully click through without understanding. So they could just install their certificates and continue business as usual---with very little effort, all things considered. They might need beefier proxies to handle encryption, but CPU time is cheaper than ever.

Re:

[SuricouRaven]

You don't even need to know how to do it - Smoothwall automates most of the process so even an A+ certified tech could figure it out. Probably.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[SuricouRaven]

I've not seen any patential control software that runs as a proxy server. It's all browser plugin. I'm surprised at this - given that many homes now have several laptops, a few more tablets and a mobile phone each, maintaining one proxy is a lot less hassle than ten browser plugins across four different operating systems.

... Is about the least of it

[RabidReindeer]

I've no doubt that the overhead of https can be more than paid for if website designers would lay off the Singing Flowers and Dancing Fairies. Toss the gratuitous multi-media. Especially the auto-playing stuff. It's cheap and cheesy and makes me seriously think of avoiding the site altogether, whether it's local content or 3d-party adverts.

And while you're at it, calculate the slow-filling parts of the page in advance so that the [censored] thing doesn't bounce up and down like a demented ping-pong ball as it loads. The only thing more irritating than having a page continually re-map itself while you're reading it is to have the stupid thing auto-reload and throw you back to the top of it.

Re:

[drinkypoo]

The only thing more irritating than having a page continually re-map itself while you're reading it is to have the stupid thing auto-reload and throw you back to the top of it.

My very favoritest thing is when an element moves over just slightly just as I was about to click it, and I click its neighbor instead.

Hmmm. Not a hard tradeoff for me.

[anegg]

The tradeoff is between a little more time, and a little more resources, against the benefit of keeping my communications private and unaltered by all of the middlemen through which my communications pass. That's a no-brainer for me.

In the days before the exposure of Verizon's (and others) schemes to actually interfere with the content of communications from their customers passing through their network (I'm talking about the physical modification of the communications content, and not just traffic management/prioritizing), I may have had a different opinion about the tradeoffs. But now that the "common carriers" have shown that they have no morals what so ever with respect to the content of traffic they are carrying through their networks, SSL encryption is simply a necessary function to prevent interference.

Today that interference may be limited to tracking user activity using an additional HTTP header that the user never knows exists. Who knows what packet re-writing magic might be used by the carriers in the future to completely "customize" each user's experience interacting with third parties to the benefit of the carrier?

Look forward and the answer is clear

[Eponymous Coward]

Proxying and caching was a huge win back in the analog modem days. These days it is still a win, but not as big. Looking forward, the costs associated with having a secure connection are only going down while the value of the secure connection is holding steady or maybe increasing.

Network services

[sgunhouse]

Let's see, on the useful side we have compression/acceleration and parental controls. Would it also interfere with ad blockers and anti-malware? Those are also useful services. Services we as consumers don't want are those ads certain low-cost carriers insert in content - though if blocking those forces the carrier to shut down we might have a problem. And of course we also don't want those Big Brother services - governmental content blocking and monitoring.

Re:

[SuricouRaven]

It interferes with non-browser-based ad blockers. Which are common still on corporate networks, though rarely at home. You can still block by DNS even then, it's just not so fine-grained. Fortunately you rarely need fine-grained to stop advertising.

Drop HTTP completely?

[jones_supa]

What would you think about a hardened web browser which would only allow HTTPS connections? It might be a feasible idea already.

Re:

[danbob999]

Current browsers prefer HTTP over HTTPS. That's why you don't get any security warning when you connect to a HTTP site but you get a death warning when you visit a self-signed certificate HTTPS site.

Re:

[jones_supa]

We could begin with a toggleable toolbar button which would lock the browser in HTTPS-only mode. Then we could educate users that when you want to avoid man-in-the-middle attacks, flip this switch on.

Re:Drop HTTP completely?

[bunratty]

The problem with HTTP is that a middleman can see and alter content. If a browser doesn't warn when it encounters a self-signed certificate, then HTTPS would be no more secure than HTTP -- all the middleman has to do is use a self-signed certificate to decrypt/encrypt packets as needed. So browsers do prefer HTTPS, when the certificate can be verified. If you're using HTTPS and the certificate can't be verified, it's no more secure than HTTP unless the user is warned, and in fact it's a way of detecting that a middleman may be present. That's the whole reason for the death warning!

Re:

[bunratty]

There isn't such an extension already? If there isn't, someone should write one or alter an existing one to add that functionality, at least as an option. Then people should try it and let us know how painful it actually is to use. My guess would be: extremely painful for most users for the next several years, so painful that hardly anyone would use it willingly. Maybe some businesses could force it on their employees.

Re:

[jones_supa]

Using something like Tor involves some pain too. Some people would probably be interested just for the security boost.

Re:

[oodaloop]

What, and not be able to post on Slashdot? No thanks.

Re:

[cen1]

I believe HTTP 2.0 will pretty much require HTTPS at all times. So maybe in 20 years?

caching, proxying, firewalling, parental control

[nitehawk214]

Or as the rest of us like to say... stopping man in the middle attacks.

Caching

[bigman2003]

I work at a place with many distributed offices. A lot of these offices are large enough to have their own IT staff who make decisions locally.

Some of those bozos felt the need to have very aggressive caching servers. Aggressive enough that on any non-https website, it was impossible to differentiate between users or deliver new content. So any web apps we rolled out had huge problems if multiple users were logged in- or even better, a page would never update because it already existed in the cache. Ess

Re:

[drinkypoo]

Some of those bozos felt the need to have very aggressive caching servers. Aggressive enough that on any non-https website, it was impossible to differentiate between users or deliver new content.

If the server ignores your cache-pragma then the server is not just aggressive, it is broken. If you failed to set your cache-pragma then your app is broken, not the proxy. You didn't provide enough information to determine which was the case, and I wouldn't be surprised if some proxies ignored the pragma and some didn't.

Compression: Reduced RF energy

[Theovon]

Now, I'm not sure how HTTPS works, but when you use something like PGP, it first compresses the data in order to increase the entropy, making it harder to crack. So while we're spending more CPU cycles on compression and encryption, doesn't the reduced transmission payload more than offset the cost of the computation? In general, communication is WAY more expensive (in terms of energy) than computation.

Damnit, I'm going to have to read the article to find out if they did this right. :)

Re:

[drinkypoo]

You can still compress the content sent inside of HTTPS just as you would with ordinary HTTP, it's just HTTP+SSL. But you can have that with or without HTTPS.

Re:

[Bengie]

Compressed data leaks information. There have been many side-channel attacks using the resulting size of the data and figuring out what information is in there. Pretty much, statistical analysis.

google's statement on https

[TheGratefulNet]

https://www.imperialviolet.org... [imperialviolet.org]

in short, there is no cpu overhead anymore, in today's compute systems. https is not a barrier due to processing, at least.

If it comes from an authoritative source...

[istartedi]

If it comes from an authoritative source, Slashdot is less likely to question it. If it comes from me, I'm an idiot trying to run a slow box in the 21st century [slashdot.org].

Lots of people are commenting here about how they want to inject ads. No threads are blasting them for suggesting that HTTPS can slow your browsing experience.

Re:

[phantomfive]

If you are upset because https at Google slows your internet experience, then never look at the size of the source code for that 'simple' page. Last time I checked, it was 400k.

So ends a fad

[An Ominous Coward]

And thus the beginning of the end of the RESTful fad. Not that there's anything wrong with RESTful architecture per se, but as a fad it has been shoe-horned by ideologues into so many inappropriate domains lately: embedded P2P, M2M spaces, etc. Sure, it makes sense for one-to-many patterns involving human-readable, human-discoverable resources, particularly of semi-static resources that can be cached and proxied by middle agents. But of course that later part only works for unsecured transactions. So now th

Re:

[phantomfive]

I don't think it's going to end soon; nearly every new web framework that comes out depends on RESTful stuff. It's going to get bigger before it gets smaller.

Middle Boxes

[acoustix]

You can do caching, proxying, firewalling, parental control, etc with HTTPS. Create a certificate on those boxes and push it out to the client devices. You can then see all encrypted traffic. Problem solved.

Re:

[mwvdlee]

Things like compression, firewalls and proxying definitely add value to me as a user.
But it's a value I'd happily trade in for the value of security and privacy.

Re:"S" in quotes, but not services or value added?

[Immerman]

There's also a point to be made that while many somebodies would, just on general principles, love to know everything you watch on Netflix, etc, in most cases the actual privacy invasion of such knowledge is almost certainly far lower than would be gotten from library records in days of old. We're talking about what mass-market pablum you choose to waste your time with - it may help somewhat in building a psychological profile, but it's unlikely to reveal many details. So leaving such high-bandwidth mass-distributed data unencrypted could allow us to still use caching for the data which benefits most.

On the other hand, your YouTube watching habits are potentially far more revealing. But by the same token the viewership for any given video is generally far lower, and with it the benefits of caching, so the cost/benefit ratio probably comes down strongly in favor of encryption there. If the NSA wants to know my viewing habits, let them buy the data from Google. And Google, I'm counting on you making a tidy profit selling that data. Don't cheap out on me. The expense needs to be enough to that they only buy the data on the specific individuals they're already suspicious of.

Re:Sounds good to me

[TWX]

Yes. COX is an offender for certain.

An interesting thing of it though, it's possible to man-in-the-middle HTTPS. It requires one to be a router in-stream, and to proxy the traffic, and to report one's own SSL information to the web client, then to decrypt, and re-encrypt when proxy-requesting from the server.

This is actually normal behavior on corporate networks. Cisco has products that are specifically designed to do this. An interesting way to see if it's going on is to use a new browser with HTTPS Everywhere running with the SSL Observatory turned on in the wild, then use it on a corporate network and see if one gets warnings.

Re:Sounds good to me

[Anonymous Coward]

To do this, the client must have a root certificate installed by the man-in-the-middle meddler that spoofs all domain names. Not an easy task unless you're a corporation providing a computer to your employees.

Re:

[dreamchaser]

Mod parent up. I was going to post the same thing. There are numerous appliances and software solutions used by enterprises to do this, but to do it seamlessly you have to install a new certificate on the client machine.

Re:

[TWX]

Well, I don't know the technical details of it, but I've seen a BYOD environment that successfully did it, without having any directory services on the personal devices.

Re:

[dave420]

It's impossible, thanks to HTTPS's encryption method. The MITM can't decrypt packets encrypted with the real server's key, so in order for the MITM to have an encrypted session with the client, it has to use its own certificate. So I think you're mistaken :) I'd love to be proved wrong, however scary the implications.

Re:

[jhantin]

Even better: use TLS mutual authentication with client certificates. Even if your user-agent can be forced into trusting the MITM's CA, the origin server will be tipped off to the interception because the MITM won't be able to forge a client certificate.

Re:Sounds good to me

[RatherBeAnonymous]

This is an easy one.

User: "Hi, I'm getting an error message when I go to my bank site."

Tech Support: "Oh, that's normal. Just click here, check that box, and then OK. In the mean time, go to our Internet troubleshooter. It will make sure you never see this error again."

User: "Thanks! You've been exceptionally helpful and I'm going to send your supervisor a positive review!"

Re:

[Bengie]

What? Server side certs are so the client can trust the server. Once the connection is secured and the client trusts the server, then the client authenticates with a user/pass. The user/pass is in place of the cert. Client certs is a pain, you need to not only store all of them, but you need to validate they're signed by a CA, also meaning each user needs to purchase a cert from a recognized CA. Have fun logging into your email or whatever web service from a computer other than your own. You'd have to insta

Re:

[tom17]

What? I think this thread is going off track somewhat. I don't think Dave420 was talking about Client Auth certs. He was talking about root certs installed on the clients. Without the standard set of root and intermediate certs installed on the client (Installed by default on web browsers and some other clients such as Java virtual machines etc), TLS will not work (Well it will, but there will be warnings).

What Dave420 meant was that for the appliances and software solutions that cache/inspect the TLS traff

Re:

[WaffleMonster]

You need both at the same time to make a session that is MITM resistant.

Over the years I've run into more than a few people who think this. I don't know quite where the meme comes from yet I suspect it to be based on incorrect assumptions about how the technology actually operates.

If you are making a judgment the whole house of cards of hundreds of global CA is not worthy of your trust that is quite a reasonable and understandable position..

If you are saying the user will just click "continue" when they get a scary certificate warning this is also quite a reasonable and unders

Re:

[TheGratefulNet]

in a corp network, you usually have laptops that are gen'd by the corp IT guys. that means - 99.9% of the time - they come pre-installed with evil certs. and a firewall that is surely a mitm node along your path.

10 yrs ago (or more) I was interviewing for netmgt jobs (this being my main field) and they were all about sniffing, dpi and mitm bullshit. really turned me off! but those were the jobs 10 yrs ago and they have not changed, over time. netmgt is still more about spying, these days, than true net

Re:

[Grizzley9]

Yes. COX is an offender for certain.

Can you describe what you mean by this? I'm a Cox subscriber am unsure of your claims of them injecting "their own junk in HTML pages". I have Adblock and HTTPS everywhere extension on so maybe I don't notice it?

Re:

[gbjbaanb]

You can see it - look at arstechnica.com and if you view the html source you'll see a large comment section embedded in it advertising some braindeadpayments.com system.

It works as a little game apparently, so you can put tokens in the URL (of the advertised site, not the injected site) and it'll play some slots game.

I really doubt Ars put it there, so its been injected along the way.

Re:

[jones_supa]

The content in the CDN server is cached in unencrypted form.

Re:

[dave420]

There's absolutely no reason why it has to be, if it is indeed done that way.

Re:

[hawguy]

There's absolutely no reason why it has to be, if it is indeed done that way.

No reason except for that's how SSL works... Otherwise you get no end to end encryption or assurance that some third party (like the CDN itself) hasn't modified the page. The CDN can't grab an SSL protected page from the host and serve it to browsers with having access to the unencrypted page.

The CDN could retrieve content over SSL, store it as plaintext, and reencrypt with a new ssl certificate (supplied by the host website) it before serving it to you but that's just a specialized case of MITM that many

Re:

[gbjbaanb]

the internet has never been end-to-end, its always been packets shovelled through a myriad of devices routing your packets to the destination.

Stuff like caching and proxying are useful to the well-being of the internet, if I am watching the same movie as the guy next door, we don't need twice the bandwidth to the datacentre that's located in god-knows-where. Local cache makes things work a lot faster.

I suppose Google can afford to puts its own caching proxies across the globe, so its not much of a problem f

Re:

[drinkypoo]

Stuff like caching and proxying are useful to the well-being of the internet,

Yes. That's true. But browsers do cache content sent by HTTPS, unless the content has settings which prohibit it, e.g. "Pragma: no-cache". Any dynamic content should have its pragma set so that it won't be cached, anyway. Anything else shouldn't, and the browser will cache it.

ISPs which put transparent proxies in usually aren't doing it to save bandwidth between them and the internet. It's usually done so that they can recompress the images sent to your browser to reduce the bandwidth on that link, to make

Re:

[fuzzyfuzzyfungus]

I'm not sure how this is related to HTTPS. Are you saying that Verizon was previously running a transparent proxy that automatically munged the sites you browsed and made them smaller? Have you excluded the likelihood that they've just gotten even fatter over time?

Much of the daily-headlines stuff isn't encrypted anyway; but, even if it is, it is entirely possible to proxy, modify, and otherwise manipulate in-transit HTTPS traffic as long as your client(s) trust your proxy as a CA. It's not pretty; but i