HTTPS: Moving Towards a Safer Internet
You may have heard a lot about HTTPS recently but what exactly is it and why is it in the news right now?
HTTPS enable computers on a network to communicate securely, preventing any other party from obtaining the information being sent. It is now widely used on the internet and looks set to become more so after major browsers recently took the decision to actively identify insecure websites in the address bar.
The original HTTP invites the prospect of man in the middle attacks, whereby a third party can gain access to sensitive information by intercepting its transfer. HTTPS encrypts the communication which means that only the two computers with the same agreed ‘code’ can understand it. The principle objective of HTTPS is to authenticate the website that is being visited and protect the integrity and privacy of any data exchanged.
In its internet form, HTTPS provides this authentication and its associated web server, which protects against the possibility of man in the middle attacks. It also creates bidirectional encryption of communication between server and client, which means that it cannot be eavesdropped upon or tampered with.
A website visitor is thus provided with a reasonable guarantee that they are in the right place online and not connected to a pretty convincing imposter, They can be sure that the content of their communication is private between them and the website and cannot be altered by a third party intent on gaining access to sensitive information such as financial details.
HTTPS has been around for a while and was originally just used for corporate information systems and some payment transactions but is now spreading its influence over the rest of the web too, across all different types of websites. As is common to most major changes in browser functionality, the new flagging of insecure sites implemented by Chrome will quickly become an expected standard.