HTTP vs. HTTPS :: It's all about keeping you secure
HTTP stands for HyperText Transport Protocol, Which is just a fancy way of saying it's a protocol (a language, in a manner of speaking) for information to be passed back and forth between web servers and clients. The important thing is the letter S which makes the difference between HTTP and HTTPS.
The S (big surprise) stands for "Secure". If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://.
This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.
This is why you never ever enter your credit card number in an http website! But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.
You understand why this is so important, right?
If a website ever asks you to enter your credit card information, you should automatically look to see if the web address begins with https://. If it doesn't, there's no way you're going to enter sensitive information like a credit card number.
PASS IT ON (You may save someone a lot of grief).
Going Through the Process
With HTTP, you sit at your browser and interact with data. HTTP’s job is to present that data to you, and browsers are the means of doing so. Mozilla’s Firefox browser, for example, understands HTTP instructions and arranges the data as the site’s designer intended. The browser knows what to do when you click. It uses HTTP to do this. But HTTP cannot do much beyond that. How the data travels from Point A to Point B, or even if it travels at all, is none of HTTP’s concern. This is a great compromise if you want speed and elegance and couldn’t care less about security. One does not require security to view BizTech’s latest online articles, for instance.
With HTTPS, the story is quite the same. But when security is a must, HTTPS differentiates one sender and receiver from another. SSL takes the data, going or coming, and encrypts it. This means that SSL uses a mathematical algorithm to hide the true meaning of the data. The hope is that this algorithm is so complex it is either impossible or prohibitively difficult to crack.
The encryption begins when the owner of the Web site purchases a time-sensitive certificate from a trusted certificate authority such as VeriSign. You can get a certificate anywhere, or even make your own, but is it trusted? Your browser will let you know. This certificate is a security code created specifically for that one user, or even for that one Web site. The code is so complex that no one else on Earth should have a duplicate.
Getting a certificate can be an involved task. All types of information must be recorded so the issuer of the certificate can be a reliable authority on the certificate’s owner. Information that must be provided includes the name of the site and even the name of the server that hosts the site. Complexity makes counterfeiting incredibly difficult.
This makes the issuer a trusted third party. When your browser sees the secure Web site, it uses the information in the certificate to verify that the site is what it claims to be. Browsers commonly indicate security by presenting a picture of a shiny closed lock at the bottom of the screen. This process is not always perfect because of human error. Maybe 53.com is a valid banking site, but 53RD.com is not. We call that phishing. Unscrupulous people phish for careless people. So be cautious. After the identity of the Web site is accepted, the encryption is negotiated between the browser and the Web server, and the data is all but locked up tight.
-
- Share:
-
-
-
-
-
-
Reach -
Credibility
-
- Blog Source: darticles.blogspot.comMozilla Firefox - faster, more secure, easier to use and sporting a new look, this latest Firefox release sets a new standard for web browser innovation. Mozilla Firefox project (formerly Firebird, which was formerly Phoenix) is a ...
- Blog Source: aspadvice.com16. Your SSL certificate is now installed, and the website configured to accept secure connections. Troubleshooting:. 1. Open a web browser and visit your site using https. It is best to test with both Internet Explorer as well as ...
- Blog Source: luxsci.comWhat encryption techniques are supported by modern web browsers? For any given web browser, it is easy to see what the best encryption technique it supports by browsing to the web site: https://www.fortify.net/cgi/ssl_2. ...
- Blog Source: luxsci.comYou will then need to get an SSL certificate for your web site domain name. You have Private Labeling with LuxSci and wish to use your own domain name in the browser address bar when users are logged in securely (i.e., instead of them ...
-
Image Source: www.vantree.com... through our SSL secured ...Image Source: www.vantree.com... through our SSL secured Web site ... -
Image Source: www.appgate.com... a web browser, using https/...Image Source: www.appgate.com... a web browser, using https/SSL. -
Image Source: ogasawalrus.com -
Image Source: www.evsslcertificat...... Web Server and Web Browser....Image Source: www.evsslcertificat...... Web Server and Web Browser. SSL ... -
Image Source: i.techrepublic.com.com... browser and your Web site. ...Image Source: i.techrepublic.com.com... browser and your Web site. SSL ... -
Image Source: i.msdn.microsoft.com... Web browser when an https ...Image Source: i.msdn.microsoft.com... Web browser when an https site ...
.gif)
-
Video Source: www.truveo.comFREE FIREFOX ADD-ON=FLAGFOX=...Video Source: www.truveo.comFREE FIREFOX ADD-ON=FLAGFOX=WHICH LET YOU KNOW WHERE YOUR WEB SITE GOING TO....
This may sound silly to technophiles, but plenty of people don’t understand how secure Web sites work. People often ask how they can shop on a Web site, giving out personal information, and feel even remotely safe? Hope this article will help them as well..
Thank you dear Majdy for the comment.
Encryption is a method that Web site owners use to help protect sensitive information, such as user names, passwords, addresses, phone numbers, and credit card numbers.
If a Web site you visit does not use encryption, any sensitive information you place on it is easily accessible to hackers who want that information for unsavory purposes.
There are few ways to ensure you are viewing an encrypted site.
Make sure that a Web site uses encryption when you are entering or viewing sensitive information.
There are two ways to see whether a site uses encryption. One is a small yellow "lock" icon on the status bar of IE (If you are using IE).
The other is in the Web address itself. If it begins with (s) (note the "s"), then the site is secure. If you ever visit a Web site without either of these encryption indicators, do not click a Submit, Save, or OK button, because sensitive information will be transmitted without being encrypted.
This is what i mean to say here by this article and regarding keystrokes or trojans,
Ok let me explain in short how trojan act.The Trojan horse viruses infect PCs by being spread by other mechanisms, meaning that computer Trojans cannot materialize on their own. They must be creat ed by a person before being able to attack and infect victims' PCs.
One of the most common ways that trojans viruses are spread is through the distribution of seemingly normal software.For example, in 2002 there was an incident in which the sendmail and OpenSSH packages were used to hide the Trojan horse virus within them. This was caused by an attacker who had broken into the distribution sites and replaced the original packages with his own. There is also the possibility of spreading Trojan horse virus through chat and messaging systems such as ICQ, MSN, AIM, IRC, and Yahoo Messenger.
Cheers!
Thank you for your comment, Here iam talking about encryption before entering information on a site.
While surfing the Internet is less dangerous than finding an abandoned bag in an airport, security should still be taken seriously. Encryption is a method that Web site owners use to help protect sensitive information, such as user names, passwords, addresses, phone numbers, and credit card numbers. If a Web site you visit does not use encryption, any sensitive information you place on it is easily accessible to hackers who want that information for unsavory purposes.
There are two ways to ensure you are viewing an encrypted site.
Make sure that a Web site uses encryption when you are entering or viewing sensitive information.
There are two ways to see whether a site uses encryption. One is a small yellow "lock" icon on the status bar of Internet Explorer(for IE user).
The other is in the Web address itself. If it begins with https:// (note the "s"), then the site is secure. If you ever visit a Web site without either of these encryption indicators, do not click a Submit, Save, or OK button, because sensitive information will be transmitted without being encrypted.
Well buddy this i meant to explain here..
Thanks
Cheers!
and here you mention about "infostealer used HTML" yes, you are very true but, that is posible only when your system is already infected.
INFOSTEALER(HTML TYPE): it is capable of fooling even those who practice the standard precautionary measures against online fraud.
When the user of an infected computer goes to the login page of certain websites, the Trojan intercepts the HTML page, checks for certain blocks of HTML code specific to that website, and injects some additional HTML code that presents the user with extra fields in the same login page. In some cases, additional warning messages are inserted, explaining that the extra information is required to “prevent fraud”. Ironic, eh?
Thank you buddy for the comment.
Cheers! and let me know if any Q.
Related Allvoices Contributions
-
By: diolt
Report: Get 25% off on bulk submission
16 days ago
-
By: genius-world
Report: Gmail, Yahoo and AOL dragged into Hotmail hack alert
about 1 month ago
-
By: chnarendra
Report: Level of dissatisfaction among citizens should be taken as a given : ...
about 1 month ago
-
By: anonymous121368
Report: Link exchange proposal between allvoices.com and...
about 1 month ago
Cell phones use report code: Related Allvoices Reports
Site Links
Site Topics
Contributions
- Report Your News
- Add your voice and contribute via your cellphone - check out how to Report News via Your Cellphone
- Blog Widget
- Widget for Blog Owner
