Your IT Consultant

HTTPS is Good – Not a Magic Bullet

July 13, 2016

Most users of the Internet know that a URL with HTTPS means the site is secure. Many advocates even say that the "S" stands for security. Well, not so fast. There are ways to compromise the certificates that help ensure that the connection is secure. It can happen, but fortunately not that often. Many websites that deal with commerce, money, health information and other important data use HTTPS to secure the transmission of information. There is now a push by Google, Mozilla (provider of Firefox), the Electronic Frontier Foundation (EFF) and several others to have every website adopt HTTPS.

Right now the browsers show HTTPS connections as green or a lock symbol or some other mechanism to indicate a secure connection. The plan would be to show non-HTTPS connections as insecure with some sort of red symbol. In other words, HTTPS would be assumed to be the default connection without any special designation and regular insecure HTTP connections would be called out. Google is even impacting the search results ranking of a site if the connection is not HTTPS. Right now you don't get penalized much for not using HTTPS, but I think it will begin to have a much heavier weight in the months to come. The message here is secure your site with HTTPS so you stay up in the search results.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com