‘The balance between freedom and security is a delicate one’
Mark Udall
The HTTPS extension has been around for quite a while, meaning that safety and security are supposed to prevail in the Web these days. That said, we all know too well it is not so: the modern Internet is swarming with malicious threats, which makes it dangerous waters to navigate. In this connection, “Is an HTTPS site safe?” is a perfectly legitimate question, and we assume it is what has brought your here. The good news is, we can answer it. Just keep reading to know what HTTPS is and if it is indeed a guarantee of safe browsing.
How does HTTPS work?
In layman’s terms, HTTPS is a protocol that enables data transfer between your browser and the website you are connected to. HTTPS is designed to make that transfer secure by encrypting it – the letter “S” in HTTPS actually stands for “secure”. There is always either SSL (Secure Sockets Layer) or TLS (Transport Layer Security) involved in the process – those are secure protocols used to encrypt communications in order to keep data thieves at bay. This is achieved through the asymmetric Public Key Infrastructure (PKI) system, which means there are two keys employed to get the job done: the public one is used for encrypting things, and the private one is required to decrypt them. The private key is supposed to be properly protected – that’s what its name suggests in a pretty straightforward way. Thus, the private key is securely stored on the web server of the website you are reaching. When connecting to an HTTPS page, your browser gets the public key needed to initiate a uniquely secure session. When using an encrypted SSL/TLS connection, you see a padlock icon in your browser address bar, which is a sign all your communications with this website are securely encrypted. This is especially important for safeguarding highly confidential online transactions in online shopping and banking.
Are “secure” sites safe?
Members of the Internet community often ask, “Can an https-protected site be harmful?” Well, unfortunately, the answer is not as reassuring as you might expect it to be. A website that displays “https” in the address bar of your browser may still be a means of infecting your computer with malware or stealing your sensitive data, money, and identity.
A “secure” website just means you are using a secure connection, which is undoubtedly great since no one can steal your data in transit, that’s for sure. For this reason, obviously, the more websites opt for this technology, the better. The trouble is, it is your connection that poses no threat – not the contents of the website you are navigating. That green padlock does not necessarily mean that all is safe with the website. It can still be packed with viruses or be a spoof.
Using a safe protocol is important for protecting your data, and yet you should stay vigilant and practice safe browsing no matter what you see in your browser’s address bar. Give suspicious websites a wide berth, do not expose your sensitive details, and never click those intrusive pop-ups. Also, keep your software up to date, store your passwords securely, and avoid phishing hooks. If you are using Edge, make sure to enable Windows Defender Application Guard.
One of the main pillars of PC security is having a proper anti-malware solution in place. It is essential that you perform regular system scans with your safeguard and keep your protection on whenever you are surfing the web.
If you are a Win 10 user, feel free to utilize the built-in Windows Defender software – it is a decent tool designed by Microsoft to keep malicious things out. In most cases, Windows Defender is enabled by default, but to check if it really is, go this way: Control Panel -> System and Security -> Security and Maintenance. To configure Windows Defender, follow this path: Settings -> Update and Security -> Windows Defender.
Nonetheless, you should bear in mind that Windows Defender is not the most advanced security tool. Therefore, it wouldn’t hurt you to fortify your PC with an extra layer of security. You can add it by using Auslogics Anti-Malware – a powerful tool capable of eliminating the most sophisticated threats from the world of malware.
What do you think of HTTPS?
We are looking forward to hearing your opinion!
