Search This Blog- Enter the tip # or a keyword(s)

Sunday, September 29, 2013

1407. HTTPS and lockls what do they mean?

I recently signed up for a service and at some point they just asked me for my credit card number on the web page. I went up to the top and noticed the page didn't have a little lock or a HTTPS in its address which I normally look for when supplying my credit card information. Can you explain what the HTTP is and what the lock tells me?

This is an important question, especially in todays world of security. First a quick definition. HTTP is an acronym for HyperText Transport Protocol which is the language foundation for the Internet. HTTPS adds Secure to that protocol.  

Think of HTTP as a loudspeaker and everything you send and receive can be seen and heard by everyone wanting to see or hear. When you add the S think of a tunnel and everything that goes through the tunnel cannot be seen or heard unless you are at the beginning or end of the tunnel.  

It is encrypted and without the key you cannot understand the messages. The little lock you see in your browser window insures that the current message is being encrypted. You can get information from that lock that tells you who you are talking to at the other end of the tunnel and who (SSL Security company that created the tunnel like Geo Trust).  

Bottom line is when you are sending any sensitive information make sure you see the HTTPS at the beginning of the address and the lock is present in the address. I often double check on the lock certificate to make sure it is who I expect it to be. 

Scammers are trying to make you think you are connected to Amazon when you are not. If not I do not use the service. I will at least look into things further. Like in Hill Street Blues let's be careful out there.

No comments:

Post a Comment