Most internet traffic is now sent over an HTTPS connection, making it “secure”. After all, Google warns that unencrypted HTTP sites are “not secure”. So why is there still so much malware, phishing and other dangerous online activity?
When you visit a website using HTTPS, Chrome used to display the word “Secure”. It now shows you a green padlock in the address bar. And conversely if you enter an HTTP address the lock is lost, replaced by an exclamation mark inside a circle, and the word "Unsecured" is written.
This is partly because HTTPS is now considered the new core standard. However, the word "Secure" has left Chrome because it was a bit misleading. It looks like Chrome guarantees the contents of the site, and that everything is safe on that page. But this is not true. A "secure" HTTPS site could contain malware or be a fake phishing site.
HTTPS is a protocol transportς δεδομένων και κάνει σπουδαία δουλειά, αλλά δεν κάνει τα πάντα ασφαλή. Είναι σαν το τυπικό πρωτόκολλο HTTP για τη σύνδεση με ιστότοπους, αλλά έχοντας επιπλέον ένα επίπεδο ασφαλούς encryptions.
This encryption prevents malicious users from stealing your data during transit and stops attacks during the communication process. For example, no one can track the payment details you send to an HTTPS site. Ή you can not interfere in your communication with a site and deliver to you that site modified at will.
In short, HTTPS ensures that the connection between you and this particular site is secure. No one can steal it or violate it. But that does not really mean that a website is "safe".
HTTPS by itself, all it means is that useste a secure connection to a particular website. The word "Safe" says nothing about the content of this site. All it means is that the site administrator has purchased a certificate and created encryption to secure the connection.
For example, a dangerous site full of malicious downloads may be delivered over HTTPS. This means that the site and the files you receive are sent over a secure connection, but may not be secure.
Likewise, one criminal could to buy a domain like “aticabank.gr”, to get an SSL encryption certificate for it and to imitate the real website of Attica Bank. It would be phishing to have a "secure" padlock, but that would mean having a secure connection to a phishing site.
Despite the fact that browsers have been using "phrasing suggestions" for years, HTTPS sites are not really "secure". Websites that switch protocols and go from HTTP to HTTPS help to resolution some problems, but they do not end the scourge of malware, phishing, spam, and other online scams.
The shift to HTTPS is still great on the Internet. According to Google statistics , 80% of web pages uploaded via Chrome to Windows are handled via HTTPS. And Chrome users on Windows spend 88% of their browsing time on HTTPS sites.
This transition makes it more difficult for criminals to track your personal data, especially on public Wi-Fi or other public networks. It also greatly eliminates the chances of being attacked when you are on a public Wi-Fi network.
For example, suppose you are downloading an .exe file of a program from a website while you are connected to a public Wi-Fi network. If you are connected via HTTP, the Wi-Fi provider could violate the download and send you a different, malicious .exe file. If you are connected to HTTPS, the connection is secure and no one can violate the software download.
This is a huge victory in terms of internet security! But it is not a panacea. You should continue to use basic safety practices to protect yourself from malware and phishing sites
Right! However, this with the "bank" made me happy as much as I can not describe since all banks are just as dangerous (for the masses).
Honestly, my respect for you.