Tuesday, 9 December 2014

Ever Cared to Know Why on Some Sites You Find HTTPS instead of HTTP ?

Dear Geeks,

            Pleasure to meet you again ! I am very sure you all had this doubt on your mind at some point in time that really, WTF is that "s" after http:// tag ???? and why it is even there ?

            Most of you must have seen it when you are using Facebook. Right ?

Lets find out !

HTTPS is a significantly more secure version of HTTP, which is the protocol you generally use to load up your webpages (whether you're aware of it or not). HTTP stands for Hypertext Transfer Protocol, so HTTPS stands for the same thing but with Secure on the end of it. This is because, as Wikipedia will tell you, HTTPS is "a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encrypted communication and secure identification of a network web server."

Why You Should Care

So yeah, you get it: HTTPS provides additional security, but what does that actually mean when you're browsing the web every day? It basically means you're protecting your private information from people who want to steal it using readily availably tools like Firesheep.

It means when you enter your password or your phone number or anything personal on Facebook—or any other site offering HTTPS—that data will be encrypted as it flies through the great tubes of the internet.
Think of it like this: you're having a private conversation with your new boyfriend or girlfriend, and your ex—unbeknownst to you—is a few tables over listening to every word. That's the sort of risk HTTP poses, whereas HTTPS would be more like if you and your new romantic interest were speaking a new language that only the two of you understood. To your stalker of an ex, this information would sound like gibberish and she wouldn't get any value from listening if she tried. HTTPS is a way for you to exchange information with a web site securely so you don't have to worry about anyone trying to listen in.
HTTPS is enabled by default on most sites that take sensitive information like your credit card number so you're generally good to go when buying online. Every browser has its own way of representing whether a site is secure, but generally you'll see a lock icon in your browser's address bar. There are varying degrees of security, however, since sometimes emails have attachments coming from insecure sites. If you want HTTPS everywhere, the Electronic Frontier Foundation's (EFF) aptly named HTTPS Everywhere is a Firefox extension to provide that functionality. They also recommend KB SSL Enforcer for Chrome users, but have found that it isn't implemented as securely (which could be a limitation of the Chrome extension framework).
Try it on your Facebook !
I know since all my Geeks love Facebook, Let me give you the way by which you can enforce it in Facebook. Its very simple :
Just go to : Account Setting -> Account Security
Then you will find a checkbox to wether to apply HTTPS or not. Just tick it. 
And here it goes. Reload it and BAM !! You are now encrypted !
And ya btw, you are most welcome fellow Geeks ! ;)

No comments:

Post a Comment