all InfoSec news
Quantifying User Password Exposure to Third-Party CDNs. (arXiv:2301.03690v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Web services commonly employ Content Distribution Networks (CDNs) for
performance and security. As web traffic is becoming 100% HTTPS, more and more
websites allow CDNs to terminate their HTTPS connections. This practice may
expose a website's user sensitive information such as a user's login password
to a third-party CDN. In this paper, we measure and quantify the extent of user
password exposure to third-party CDNs. We find that among Alexa top 50K
websites, at least 12,451 of them use CDNs …
alexa cdn connections distribution exposure find https information login may measure networks party password performance practice security sensitive information services third third-party traffic web web services website websites web traffic