An insight into secure web browsing. Part 1.
Most of us send a huge amount of information across the web every day. Some of it is casual, some personal, some of it is private and confidential. Much like talking to a friend, doctor or bank manager you probably wouldn’t want a stranger listening to your conversations. HTTPS helps to protect your conversations and my aim here is not so much to explain how it works (hint: it’s pretty technical) but to help you to understand how to take advantage of it.
I should point out that HTTPS is not without flaws. It is not a panacea, it will not protect us from websites being compromised and you will still have to be alert to the dangers on the web.
Imagine your computer talking to another computer on the internet is like you talking to someone on the telephone. If someone were to tap into the wires (or airwaves) connecting the two telephones, they’d be able to listen into your conversation. Now if you happen to be talking to your bank, you see why that might be a problem.
HTTPS means that the conversation is secured, much like talking in code on the telephone. You would agree a code with your bank and nobody else knows that code, so even if someone listens to the conversation it would be meaningless to them. Another protection is that if the person picking up the phone doesn’t know the code, that would alert you that the person you’re talking to is not your bank, in much the same way that if the website you’re looking at is not the legitimate website that you wanted, there will likely be indicators that it’s a fake.
So what does it look like?
Unfortunately every browser and operating system looks a little differently so I can’t be precise here but I’ll do what I can. A few examples should give you a fair idea of what to look out for and you’ll quickly learn to recognise the differences on your computer. If a website is secured, almost every web browser will have some indication in or around the address bar.
Below is a screenshot of Twitter using an unsecured (HTTP) connection, using IE 8 on Windows XP…
And below is the same website, same browser, same computer but this time using a secured (HTTPS) connection…
Notice that the website address starts with HTTPS, the address bar has turned green and there is a padlock symbol to the right.
Here’s the same website in Firefox, unsecured (on the left) and secured (on the right)…
Notice this time the green button to the left of the address bar with the name of the company that owns the website.
And once more in Chrome…
Notice this time that when browsing with a normal unsecured connection Chrome doesn’t even show the usual HTTP:// prefix (don’t even get me started on this!) but when the connection is secured it shows a padlock and the trusty HTTPS:// in green.
So how can we use HTTPS?
Unfortunately we’ve run out of time but I’ll post another article shortly that will give more information on how and where you can expect to find HTTPS but for now at least you’ll start to recognise the differences and hopefully appreciate why it’s important. Quick tip: It
will should always be used automatically when you log onto a banking website, but will probably not be used on the banks home page. As well as Twitter shown above, Facebook also supports HTTPS.