High-speed IPv4 scanners, such as ZMap, now enable rapid and timely collection of TLS certificates and other security-sensitive parameters. Such large datasets led to the development of the Censys search interface, facilitating comprehensive analysis of TLS deployments in the wild. Several recent studies analyzed TLS certificates as deployed in web servers. Beyond public web servers, TLS is deployed in many other Internet-connected devices, at home and enterprise environments, cyber physical systems, and at network backbones. In Apr. 2017, we reported the results of a preliminary analysis based on measurement data of TLS deployments in such devices (e.g., routers, modems, NAS, printers, SCADA, and IoT devices in general) collected in Oct. 2016 using Censys. We also compared certificates and TLS connection parameters from a security perspective, as found in common devices against top Alexa sites. Censys has evolved since then and its data volume has increased with the addition of several new device types. In this paper, we perform a similar but more comprehensive measurement study to assess TLS vulnerabilities in devices, and compare our current results with our 2016 findings, showing how such systems have evolved in the last one and half year. Indeed, there are noticeable improvements in the TLS ecosystem for devices, especially in terms of adoption of TLS itself (from 29.4% in 2016 to 73.7% in 2018) and stronger cryptographic primitives. However, we also note the continuity of significant weaknesses in devices for which immediate remediation is warranted (e.g., the use of known private keys, SSLv3, MD5-RSA, and RC4). We have also contacted the top manufacturers of vulnerable devices to convey our findings. Most of them blamed users for not updating their devices with latest firmware images that apparently would mitigate the reported findings.
Recently, high-speed IPv4 scanners, such as ZMap, have enabled rapid and timely collection of TLS certificates and other security-sensitive parameters. Such large datasets led to the development of the Censys search interface, facilitating comprehensive analysis of TLS deployments in the wild. Several recent studies analyzed TLS certificates as deployed in web servers. Beyond public web servers, TLS is deployed in many other Internet-connected devices, at home and enterprise environments, and at network backbones. In this paper, we report the results of a preliminary analysis using Censys on TLS deployments in such devices (e.g., routers, modems, NAS, printers, SCADA, and IoT devices in general). We compare certificates and TLS connection parameters from a security perspective, as found in common devices with Alexa 1M sites. Our results highlight significant weaknesses, and may serve as a catalyst to improve TLS security for these devices. * This is the tech-report version (March 17, 2017) of an FC 2017 paper [29]; new additions: analysis on certificate issuers, certificate reuse, DH prime number reuse, stronger cipher suites, and device type ranking (Section 4).
Several past measurement studies uncovered various aspects of web-based tracking and its serious impact on user privacy. Most studies used institutional resources, e.g., computers hosted at well-known universities, or cloud-computing infrastructures such as Amazon EC2, confining the study to a particular geolocation or a few locations. Would there be any difference if web tracking is measured from actual user-owned residential machines? Does a user's geolocation affect web tracking? Past studies do not adequately answer these important questions, although web users come from across the globe, and tracking primarily targets home users. As a step forward, we leverage the Luminati proxy service to run a measurement study using residential machines from 56 countries. We rely on the OpenWPM web privacy measurement framework to analyze third-party scripts and cookies in 2050 distinct URLs (Alexa Top-1000 home pages and Alexa Top-50 country-specific home pages for all 56 countries, and shared URLs via Twitter from Alexa Top-1000 domains for 10 countries). Our findings reveal that the prevalence of web tracking varies across the globe. In addition to location, tracking also seems to depend on factors such as data privacy policies, Internet speed and censorship. We also observe that despite legal efforts for strengthening privacy, such as the EU cookie law, violations are common and very blatant in some cases, highlighting the need for more effective tools and frameworks for compliance monitoring and enforcement.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.