Sign In

Communications of the ACM

ACM TechNews

Researchers Sound Alarm on Web App 'side Channel' Data Leaks


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
sign showing data leak

Credit: blog.rootshell.be

Researchers who have tested the security of popular online tax, health, investing, and search sites report that the Web applications are becoming more vulnerable to data leaks. The team from Microsoft and Indiana University note that encryption does not prevent the exposure of data passed back and forth between a Web client and server. Side-channel data characteristics such as packet size and timing give network eavesdroppers the opportunity to gather information on program and site users.

The vulnerability could become "an unprecedented threat to the confidentiality of user data processing by these applications," according to the researchers. Moreover, programs that use newer Web technology, such as the AJAX programming language, could be more vulnerable to data leaks.

From Network World
View Full Article

 

Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA


 

No entries found