Monday, April 25, 2011
How to Stay Safe with HTTPS
The continuing increase in the number of malicious tools on the internet is taking its toll on web users. The online community is now beset with various security threats like identity theft, viruses, and other things that threaten online safety. For example, one of the latest malicious tools, Firesheep, is capable of stealing passwords for email and social networking accounts.
To address this disturbing situation, the Electronic Frontier Foundation (EFF) and Access are now campaigning for the international deployment of HTTPS through HTTPS Now. Its main objective is to improve security measures and make web surfing safer by calling on users to join them in their campaign. This includes, among other things, spreading the word about HTTPS Now and how to make full use of HTTPS security features by using it correctly.
HTTPS, or Hypertext Transfer Protocol Secure, uses encryption technology to provide optimal protection. Before a user’s request is sent by the browser to the server, it is first encrypted. In return, the resulting pages are also encrypted, making the data contained therein “unreadable” by anyone while it is being sent to the user’s computer. This makes HTTPS web surfing more secure as compared to HTTP (Hypertext Transfer Protocol) alone. Even now, many websites have still not moved away from HTTP, which is unencrypted and susceptible to several kinds of threats.
The HTTPS Now campaign has three major components. These are: web surfing protection, survey of the overall status of HTTPS deployment, and helping site operators implement HTTPS. A minor component of the campaign is the sharing of updated tools that users can use to guard their web browsing.
The installation of HTTPS Everywhere by web users is the first component of the campaign. The EFF and the Tor Project created this security tool for the Firefox browser. This is capable of automatically encrypting a user’s browsing, thus changing it from HTTP to the more secure HTTPS.
Many websites are still using HTTP and are still vulnerable to malicious attacks, as admitted by the EFF and Access. This is the focus of the second component of the campaign; calling on users to give feedback on whether the sites they visit are using HTTPS or not. They believe that a relatively accurate picture on the extent of internet security and HTTPS use can be provided by user-generated information.
The third element is providing support to website operators regarding existing resources in learning how to use HTTPS correctly. These detailed resources are especially made for the deployment of the HTTPS tool. The purpose of which is to give website operators a full understanding of the value of using HTTPS.
Web users are encouraged to work with the EFF and Access, who believe that web users can give a correct picture of HTTPS and its current deployment status. Taking all of these together, they will find it easier to target those web operators who need to modernize their sites. The partnership can help reduce, if not eliminate, privacy threats and lead to safer web surfing.
Image courtesy of:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment