Tag: https
Why Security Is More Important Than You Might Think
April 28, 2016The past couple of years have seen people becoming more concerned with how secure their information is as their lives continue on an exponential trend toward digitization. We communicate, interact, share, work, plan, and unwind through the magic of the internet. Whether you’re binging the latest season of House of Cards on Netflix, or trying to finish up that spreadsheet for work, society is becoming more dependent on the internet for everyday life. As our lives leave our devices and venture out to connect with computers all over the globe, it is becoming vital that the information we send and receive stays secure in between.
Why does this matter?
Information is used by a variety of internet companies for a host of reasons. Google utilizes search history to target ads that are better suited for the user. Apple collects information about how their phones are used so they can figure out what people are doing or want to do, and improve upon those things. Data collection is everywhere and can include information people may not care about, or information people would rather stay private. Text messages, for example, should not be sent in an unencrypted format. Few people can say they would be OK with their entire texting history being posted online for the world to see. In an insecure digital age, that is entirely possible. Other sensitive information is vital to keep secure such as medical histories, financial data, fingerprint scans, and more, all of which are transmitted over the internet every day. All of this data jumps from computer to computer in its journey to find its way to the recipient, and there are ways to intercept it along the way. Even HTTPS, a secure version of HTTP, is becoming a standard among websites that do not even necessarily take credit card or other payment information. You can read more about HTTPS here. Confidentiality and security are important, but how are they guaranteed?
Progressive Web Apps: A Great Mobile App Alternative
April 22, 2016For those who look at this and wonder, what a Progressive Web App (PWA) is, here is the definition from Google:
Progressive Web Apps are experiences that combine the best of the web and the best of apps. They are useful to users from the very first visit in a browser tab, no install required. As the user progressively builds a relationship with the App over time, it becomes more and more powerful. It loads quickly, even on flaky networks, sends relevant push notifications, has an icon on the home screen and loads as top-level, full screen experience.
Before we look at this any further, let quick go over the layer of technology behind this called a “Service Worker” that works at the network level. Unlike traditional web code, a service worker will continue to run even when you are no longer on the website, waiting for either a command from your phone/computer, or a command from your network connection. This command will then trigger the service worker to run the relevant feature that is enabled on that Progressive Web App.
Secure that site with LetsEncrypt
February 4, 2016You have heard about someone offering free (as in beer) website certificates (aka SSL certificates) for your website. Whoever told you this was not lying. It’s actually quite true! With the revelations regarding shady dealings with intelligence agencies, law enforcement, ISP and black-hat crackers (i.e., your “cyber-thieves”), there’s been an industry-wide push to secure communications. Letsencrypt.org was founded to help address some of the issues in the web industry that led to the widespread failure of website owners and operators in obtaining secure certificates.
HTTPS/SSL in a nutshell
The average website you visit is typically accessed over HTTP (HyperText Transport Protocol). Accessing a site over HTTPS (HyperText Transfer Protocol Secure) is a different process from HTTP. Accessing a site over HTTP makes your traffic visible to everyone on the network. Using tools like WireShark, if you were to park yourself at the point where your network meets the internet, you’d be able to see all the traffic (URLs, content, form data) of people on your network. This is how people perform Man-in-the-Middle (MITM) attacks. In a MITM attack, someone sits on the connection between two networks and just eavesdrops on the data going back and forth. Also, by being in the middle of the communication stream, the attacker could modify the contents going back and forth, sending you malicious data and changing what you are transmitting to the server.
HTTPS, Google and You
August 18, 2014Most people know that Google is rather secretive when it comes to how their search engine works. Indeed, outside of emphasizing the use of quality content that is user-friendly, Google generally masks any other variables that characterize their ranking process and how to reach the first page for your key business terms. This is why last week’s announcement on Google’s Online Security blog came as bit of a surprise, as Google clearly states: