{"id":367,"date":"2011-02-26T12:19:31","date_gmt":"2011-02-26T17:19:31","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=367"},"modified":"2011-02-27T10:01:57","modified_gmt":"2011-02-27T15:01:57","slug":"ssl-secure-sockets-layer-secure-web-servers","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/ssl-secure-sockets-layer-secure-web-servers\/","title":{"rendered":"SSL: Secure Sockets Layer \u2013 Secure Web Servers"},"content":{"rendered":"<p><span style=\"font-size: small;\"><strong>SSL: Secure Sockets Layer &#8211; AKA Secure Web Servers<\/strong><br \/>\nWhat it all means to you<\/p>\n<p>Web browser: &#8220;How do I know you&#8217;re who you say you are, Mr. Big Bank? You have any ID?&#8221;<\/p>\n<p>Mr. Big Bank: &#8220;As a matter of fact, I do, young fella. Here is my security certificate. You&#8217;ll notice that it matches the one that was issued to me by VeriSign.&#8221;<\/p>\n<p>Web browser: &#8220;OK, I&#8217;m in a hurry. Give me the secret code so I can do my business and go back to working on my AntiFacebook page. What&#8217;s the password to get in?&#8221;<\/p>\n<p>Mr. Big Bank: &#8220;Hang on there, buster. Don&#8217;t worry! I&#8217;m going to send you a special decryption key you can use to decrypt my super-encrypted transmissions. But remember, it&#8217;s only good for this one session. So tell that bozo pushing your buttons that if he closes you while we&#8217;re in the middle of things, we&#8217;ll have to go through all this again. Frankly, it&#8217;s a lot of work for me.&#8221;<\/p>\n<p>Web browser: &#8220;It&#8217;s a lot of work for me too. So gotcha! Let&#8217;s get started. Send away.&#8221;<\/p>\n<p><em>(Remember, computers talk very rapidly, since they only have two words in their vocabulary &#8211; zero and one. 
So the above conversation takes less than a second in computer language. We had a heck of a time translating zeros and ones into English. And I suppose not good English at that. Right, Mrs. Ralston?)<\/em><\/p>\n<p>The above is a light-hearted version of what happens when you go to a secure site to make a purchase, pay bills, or go to a site where sensitive information is exchanged, like your Social Security number, credit card numbers, bank account numbers, home address, telephone number, etc. Names and email addresses are not considered sensitive data by most people or web sites.<\/p>\n<p>Whenever you enter any sensitive information, make sure your browser&#8217;s address bar displays https:\/\/ and not http:\/\/. You&#8217;ll see a little lock next to the URL (the web address). By the way, did you know if you click on that lock (which tells you you&#8217;re on a secure server) you&#8217;ll get the trust mark &#8211; which tells you the name of the company that issued the site&#8217;s SSL certificate?<\/p>\n<p>Almost all secure sites are protected with 128 bit encryption. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force hacking tools would require a trillion years to break into a session protected by 128 bit encryption. Not many people live a trillion years. Considering the earth is only about 5 billion years old and the universe is thought to be between 13 and 15 billion years old, no one&#8217;s yet had a chance to try to live a trillion years, so your data&#8217;s pretty safe.<\/p>\n<p>Here&#8217;s why encryption is so important. 
If you log in to a site that is <strong>not<\/strong> on a secure server &#8211; SSL (Secure Sockets Layer) &#8211; there&#8217;s a very slight chance that someone sniffing web traffic to and from that server could intercept your password and username. If all that you&#8217;re doing is logging in to a social networking site, or logging onto a forum, you don&#8217;t have a lot to worry about.<\/p>\n<p>Number One: There&#8217;s nothing of value (money or sensitive information) for anyone to bother sniffing web traffic on these kinds of sites. That&#8217;s not to say that there are not some low-level creepers who might do it, but generally you shouldn&#8217;t worry if Facebook is on a secure server or not because you should NEVER be putting any sensitive information on a social networking site anyway!<\/p>\n<p>Now your email is another matter. Hotmail, Yahoo Mail, and Gmail login pages are all on secure servers. Why? Because your email may (and probably does) contain personal information. So any hacker sniffing traffic to Gmail, Hotmail, or Yahoo Mail better settle in for a trillion years.<\/p>\n<p>But most passwords, credit card numbers, and other sensitive information isn&#8217;t stolen by hackers sitting in a dark basement in Hachicoo, Alaska. It&#8217;s given to them voluntarily by YOU. That&#8217;s right. Those of you who click links in email supposedly from your bank or some other site that requires sensitive information can bet that:<\/p>\n<p>1. The site won&#8217;t be on a secure server (https:\/\/)<br \/>\n2. The site will look exactly like your bank, store, or other payment center.<br \/>\n3. 
If you fill in the login information, you&#8217;ve just given the criminals your password and username for the real site.<br \/>\n4. As soon as you click &#8220;Submit&#8221;, your information is transported to some criminal in a cellar somewhere in Romania, and you&#8217;ll be redirected to a page that says &#8220;Error, please retry.&#8221;<br \/>\n5. You are probably in for big, big trouble.<\/p>\n<p>Regardless of the hype propagated by companies that sell firewalls, please remember that firewalls don&#8217;t protect you from getting your credit card and other sensitive information stolen; your brain does. It&#8217;s deceitful for firewall companies to claim their firewall can protect your credit card numbers, Social Security number and other sensitive information, when over 95% of all data that is stolen is voluntarily given to the criminals by the user him or herself.<\/p>\n<p>Whenever you are entering sensitive information on any web site, look at your browser&#8217;s address bar &#8211; and if it says https:\/\/ and you see a little lock icon next to it, you can trust that whatever data is being transferred between your computer and that server is encrypted in such a way that no hacker anywhere is going to be able to snatch it.<\/p>\n<p>Every secure session uses a different encryption key. So when you end that session, that encryption key is no longer valid. That&#8217;s another protection that secure servers offer &#8211; and that should make you feel more comfortable when entering information.<\/p>\n<p>Two more things:<\/p>\n<p>1.) If all you are entering is your name and email address, that&#8217;s not considered sensitive information. 
Not all sites that ask for your name and email address are going to be on secure servers, because there&#8217;s just no good reason for it: SSL certificates are expensive, and running secure servers is more costly. So don&#8217;t run scared if you&#8217;re signing up for a forum for knitters and you look up and see no https:\/\/. OK?<\/p>\n<p>2.) Your accounts are only as secure as your password. Your password is the key you use to enter your account. It doesn&#8217;t matter how secure the server is if your password is weak. Please don&#8217;t use weak passwords.<\/p>\n<p><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>SSL: Secure Sockets Layer &#8211; AKA Secure Web Servers What it all means to you Web browser: &#8220;How do I know you&#8217;re who you say you are, Mr. Big Bank? You have any ID?&#8221; Mr. Big Bank: &#8220;As a matter of fact, I do, young fella. Here is my security certificate, you&#8217;ll notice that it matches the one\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/ssl-secure-sockets-layer-secure-web-servers\/\">Read More 
&raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[159,161,155,160,158,157,154,14,156],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/367"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=367"}],"version-history":[{"count":3,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/367\/revisions"}],"predecessor-version":[{"id":369,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/367\/revisions\/369"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}