March 5, 2018
In episode #161 we talk about HTTPS!
Listen:
Watch:
Topics:
Upcoming Events
- NERD Summit March 17 & 18 - Western MA
- DrupalCon Session Announced - John Presenting on Lingotek
Patching Core
HTTPS
- What is https and why does it exist
- Recent histry with HTTPS
- Securing your webste with HTTPS
- Forcing HTTPS
- HSTS
Comments
Warped replied on Permalink
Re: HTTPS Everywhere
Google wants HTTPS on all sites so NSA decrypting all user encrypted web traffic will be impossible or very difficult. Also that it's the standard, not the exception. If Facebook and Google can use encryption, then other sites really can't complain about the overhead. Especially on low usage websites.
To that end, we also need DNS privacy and security improved.
Wordpress sites like mysite.wordpress.com and others like it should be covered by wildcard certs for free.
While you might not give a brochure site any public data, they can be sending all kinds of personal data back from your browser that you might not want going over unencrypted traffic.
It would be nice if all devices (routers, printers, NAS) could have certificates and encryption that could be flagged if anything changes.
Encrypted web traffic does nothing if the infection is on the server or your computer.
Just a few thoughts I had while listening to your podcast.
Thanks for all the work that goes into the podcast.
Add new comment