Re: Insecure Ajax Web App - Applying a sticky plaster



by redHat


Hi,

I have a particular problem that I need some help in attempting to solve. I have recently started with a new company as their chief architect and was dumbfounded to discover that their entire product suite is insecure. I do not have the time or resources at the moment to completely address the issue, so I am looking for any ideas that could help put some sticky plaster on the issue until I can get back to it.

The problem:
The applications are web based and run on the client's internal network, not on the www. The server, after login, completely trusts what is sent from the client (browser sending Ajax requests). The connection is over SSL with mutual authentication certs on both sides. The client uses JavaScript to build up a message and send it to the server; the data comes back and is processed with JavaScript, the DOM is updated and the user is happy. However, I have recently discovered that a user can sniff the HTTPS traffic using a locally installed sniffer (Fiddler or Burp, for example), capture the HTTP request, change it and get data back from the server, and thus see other users' account information. Very serious, I know.

I have read quite a few articles in the area and none seem to provide much of a solution to the problem. The usual "never trust the client, validate on both sides", but I don't have the time. What I was hoping to do was encrypt the message and decrypt it on the server side. But in order to do this I would need to expose the client to the key used to encrypt the message, thus compromising the message.

Can anyone shed some light on the issue or suggest articles that may help in identifying a solution?

Thanks in advance.
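As an added illustration of the trust boundary described in this post (example code, not the poster's or their product's code), the check that closes this hole: the server derives the caller's identity from the session or the mutual-TLS client certificate and verifies ownership before returning an account record. The account ids, owners and request shape below are constructed for the example.

```python
# Added example (not from the post): server-side ownership check for an
# Ajax endpoint that returns account data. Names, records and the request
# shape are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: the account store and which login owns which account.
ACCOUNTS = {
    "acct-100": {"owner": "alice", "balance": 1250},
    "acct-200": {"owner": "bob", "balance": 80},
}


@dataclass
class Request:
    # Identity established by the server at login (session, or the subject
    # of the client certificate from mutual TLS); the browser cannot alter it.
    principal: str
    # Parameters taken verbatim from the Ajax request body; a local proxy
    # such as Fiddler or Burp lets the user rewrite these freely.
    params: dict


def get_account_insecure(req: Request) -> Optional[dict]:
    """The pattern described in the post: whatever account id the client
    sends is looked up and returned, with no check that it belongs to the
    logged-in user."""
    return ACCOUNTS.get(req.params["account_id"])


def get_account_secure(req: Request) -> Optional[dict]:
    """Same endpoint, but authorisation is re-derived from the identity the
    server established itself. A client-supplied id that the principal does
    not own is treated exactly like a missing record, so the response does
    not reveal whether the id exists."""
    record = ACCOUNTS.get(req.params.get("account_id"))
    if record is None or record["owner"] != req.principal:
        return None
    return record


# A tampered request: bob's session, but the account id rewritten to alice's.
TAMPERED = Request(principal="bob", params={"account_id": "acct-100"})
```

Encrypting the Ajax payload with a key held by the browser would not change this outcome, because the same client that encrypts can be made to encrypt a rewritten account id; the ownership check has to happen on the server.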