Network operators can snoop on people's browsing habits and see any webpage they visit thanks to a newly uncovered HTTPS attack.
The attack works by bypassing the HTTPS encryption that is supposed to prevent this. HTTPS would normally stop the operator from seeing the URLs users visit, but the new technique abuses Web Proxy Auto-Discovery (WPAD) to expose browser requests to whatever code the network owner chooses to serve.
Itzik Kotler, CTO and co-founder, and Amit Klein, VP of security research, at security firm SafeBreach will demonstrate how the attack works at next week's Black Hat conference in a talk entitled Crippling HTTPS with Unholy PAC.
"We will demonstrate that, by forcing your browser/system to use a malicious PAC (Proxy AutoConfiguration) resource, it is possible to leak HTTPS URLs," the pair wrote on the Black Hat site.
"We present a comprehensive browser PAC feature matrix and elaborate more about this cross-platform (Linux, Windows, Mac) and cross-browser (IE, Chrome, Safari) threat."
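As an added illustration (not code from the article or from the researchers' talk): a PAC file is JavaScript that defines `FindProxyForURL(url, host)`, so whoever supplies the PAC sees whatever URL string the browser passes in. The sketch below contrasts passing the full URL with a hypothetical shim, `sanitizeForPac`, that reduces HTTPS URLs to their origin first; the sample URL and the recording PAC function are constructed for the demonstration.

```javascript
// Everything the PAC function is shown ends up here, so the exposure can be inspected.
const observed = [];

// Constructed stand-in for a PAC file. A real one is fetched from the network
// (for example via WPAD) and is therefore controlled by whoever runs that network.
function FindProxyForURL(url, host) {
  observed.push({ url, host });
  return "DIRECT";
}

// Hypothetical hardening shim: a proxy decision for HTTPS only needs the origin,
// so path, query, fragment and credentials are dropped before the PAC sees the URL.
function sanitizeForPac(rawUrl) {
  const u = new URL(rawUrl);
  u.username = "";
  u.password = "";
  u.hash = "";
  if (u.protocol === "https:" || u.protocol === "wss:") {
    u.pathname = "/";
    u.search = "";
  }
  return u.href;
}

// Evaluate the PAC for one request, with or without stripping.
function resolveProxy(rawUrl, strip) {
  const host = new URL(rawUrl).hostname;
  return FindProxyForURL(strip ? sanitizeForPac(rawUrl) : rawUrl, host);
}

// Returns the URL strings the PAC saw for the same visit, unstripped then stripped.
function demo() {
  observed.length = 0;
  const visit = "https://mail.example.com/reset?token=CONSTRUCTED-SECRET#step2";
  resolveProxy(visit, false);
  resolveProxy(visit, true);
  return observed.map((o) => o.url);
}

console.log(demo());
```

With stripping in place the PAC can still choose a proxy per host, but the path and query string, which is where session tokens and page names live, stay inside the encrypted channel.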
This isn't the first time that the HTTPS protocol has allegedly been cracked. Documents released by whistleblower Edward Snowden showed that the US National Security Agency has been at it for years by exploiting certain variations of the Diffie-Hellman key exchange algorithm, a common way to exchange cryptographic keys over untrusted channels.
A story emerged earlier this year suggesting that internet users could bypass ISP blocks on torrent sharing and other media streaming sites of dubious legality simply by adding an 's' to the end of 'http' in the address.