Companies should never try to intercept their users' encrypted traffic

Lenovo's disgraceful use of Superfish to compromise its users' security is just the tip of the iceberg: everywhere we look, companies have decided that it's a good idea to sneakily subvert their users' encryption.

The public key infrastructure that underpins HTTPS is a delicate, highly engineered thing. Companies disable this encryption for stupid, short-sighted reasons (usually to insert ads), but in so doing, they open users to a broad spectrum of attacks, including bank fraud and health, legal and personal information leaks.

So what can we learn from this Lenovo/Superfish/Komodia/PrivDog debacle? For users, we've learned that you can't trust the software that comes preinstalled on your computers—which means reinstalling a fresh OS will now have to be standard operating procedure whenever someone buys a new computer.

But the most important lesson is for software vendors, who should learn that attempting to intercept their customers' encrypted HTTPS traffic will only put their customers' security at risk. Certificate validation is a very complicated and tricky process which has taken decades of careful engineering work by browser developers.2 Taking certificate validation outside of the browser and attempting to design any piece of cryptographic software from scratch without painstaking security audits is a recipe for disaster.

Let the events of the last week serve as a warning: attempting to insert backdoors into encryption as Komodia attempted to do (and as others have called for in other contexts) will inevitably put users' privacy and security at risk.

Dear Software Vendors: Please Stop Trying to Intercept Your Customers' Encrypted Traffic
[Joseph Bonneau and Jeremy Gillula/EFF]