Communications of the ACM

Home/News/Researchers Sound Alarm on Web App 'side Channel'.../Full Text

ACM TechNews

Researchers Sound Alarm on Web App 'side Channel' Data Leaks

By Network World
March 31, 2010
Comments

View as: Print Mobile App Share:

sign showing data leak — Credit: blog.rootshell.be

Researchers who have tested the security of popular online tax, health, investing, and search sites report that the Web applications are becoming more vulnerable to data leaks. The team from Microsoft and Indiana University note that encryption does not prevent the exposure of data passed back and forth between a Web client and server. Side-channel data characteristics such as packet size and timing give network eavesdroppers the opportunity to gather information on program and site users.

The vulnerability could become "an unprecedented threat to the confidentiality of user data processing by these applications," according to the researchers. Moreover, programs that use newer Web technology, such as the AJAX programming language, could be more vulnerable to data leaks.

From Network World
View Full Article

No entries found

Researchers Sound Alarm on Web App 'side Channel' Data Leaks

FBI Shuts Down China's 'Volt Typhoon' Hackers Targeting U.S. Infrastructure

Rebuttal How-To: Strategies, Tactics, and the Big Picture in Research

'On Expert Testimony': A Response