We at Canada Cyber have noticed an increased amount of traffic using the QUIC UDP protocol delivery system that is provided by google.
It’s exciting to see what security implications this bring, as things like
Session Hijacking for standard UDP is considerably easier than TCP. Since UDP
does not use packet sequencing and synchronizing; it is easier than TCP to takeover
UDP session. The hijacker has simply to falsify a server reply to a client UDP
request before the backend server can reply. If wire sniffing is used then it
will be easier to control the traffic generating from the side of the server
and therefore limiting server’s reply to the client in the first place.
Now with this new QUIC protocol it's going to be harder to do the above as the sessions as it encrypts the entire transport channel.
1. If you are using a google server, and the Chrome browser, you will notice a much faster internet experience.
1. Other Browsers, that do not currently support QUIC.
2. Firewall and IDS systems as its much harder to inspect the current QUIC UDP sessions.
3. Competing TCP sessions. as they are going to lose when compared with QUIC UDP sessions that most current security Sensors do no inspect at all yet.