> We deployed these heuristics on three
diverse networks:
> (1) Mozilla Firefox update servers,
> (2) a set
of popular e-commerce sites, and
> (3) the Cloudflare content
distribution network.
> In each case, we find more than an order of
magnitude more interception than previously estimated, ranging
from 4–11%.
> As a class, interception products drastically
reduce connection security. Most concerningly, 62% of traffic
that traverses a network middlebox has reduced security and
58% of middlebox connections have severe vulnerabilities. We
investigated popular antivirus and corporate proxies, finding that
nearly all reduce connection security and that many introduce
vulnerabilities (e.g., fail to validate certificates).
> We deployed these heuristics on three diverse networks:
> (1) Mozilla Firefox update servers,
> (2) a set of popular e-commerce sites, and
> (3) the Cloudflare content distribution network.
> In each case, we find more than an order of magnitude more interception than previously estimated, ranging from 4–11%.
> As a class, interception products drastically reduce connection security. Most concerningly, 62% of traffic that traverses a network middlebox has reduced security and 58% of middlebox connections have severe vulnerabilities. We investigated popular antivirus and corporate proxies, finding that nearly all reduce connection security and that many introduce vulnerabilities (e.g., fail to validate certificates).