Researchers who have tested the security of popular online tax, health, investing, and search sites report that the Web applications are becoming more vulnerable to data leaks. The team from Microsoft and Indiana University note that encryption does not prevent the exposure of data passed back and forth between a Web client and server. Side-channel data characteristics such as packet size and timing give network eavesdroppers the opportunity to gather information on program and site users.
The vulnerability could become "an unprecedented threat to the confidentiality of user data processing by these applications," according to the researchers. Moreover, programs that use newer Web technology, such as the AJAX programming language, could be more vulnerable to data leaks.
From Network World
View Full Article
Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA
No entries found