Sunday, June 28, 2009

EFF offers discussion of https protocol and wireless security


Electronic Frontier Foundation has a very instructive article by Peter Eckersley about the significance of the https protocol. The link for the URL is here.

The article praises Google for encrypting gmail, and notes that you can’t normally do Internet searches through https (it just reverts to http).

EFF points out that https and its certificate verification protocols make “dragnet surveillance” by advertisers and governments (hint: Iran) much more difficult. The article also suggests that secure wireless networks (which normally one has to pay subscription to use) are not as “secure” as thought and that there are some attacks on “wired equivalent privacy.”

I wonder how secure an https sign-on is over a public unsecured network, such as with a laptop in a coffee shop or hotel. I see people using these all the time to conduct personal business, but this is the converse problem.

No comments: