HTTPS & TLS Encryption

Hyperlink Text Protocol System

Hypertext Transfer Protocol Secure

Home Entertainment Protection Service

Highly Encrypted Privacy System

To encrypt data between browser and web servers

To display green padlocks on websites

To track user browsing history

To block access to certain websites

2.5%

10%

5.5%

8%

Man in the middle attacks

Tainted channels

Full-on leaky bugs

Partially leaky bugs

Allowing attackers to decrypt traffic

Enabling attackers to modify or manipulate traffic

Exposing session cookies

Displaying fake green padlocks

They are easily fixed

They only affect the main domain

They can create a ripple of exposure in the overall population

They can lead to website downtime

To exploit vulnerabilities for personal gain

To shut down websites with vulnerabilities

To develop a tool to identify overlooked TLS vulnerabilities

To ignore the vulnerabilities

They are impossible to exploit

They are critical vulnerabilities

They are not appealing targets for hackers

They are easily fixed by web developers

They slow down website loading times

They have no impact on security

They amplify vulnerabilities across related domains

They strengthen the security of websites

To shut down the websites

To improve overall web security

To sell the vulnerabilities to hackers

To increase website traffic