It has probably been a while since you typed “http” in front of a URL to cruise around the web, but those simple letters are still crucial to your experience on the internet.
That familiar abbreviation stands for Hypertext Transfer Protocol, and it’s the system that helps bring all that sweet content from the web down in front of your eyeballs. It’s the protocol that enables us to interact with the World Wide Web. Unfortunately, it can also provide an opportunity for bad people to inject all kinds of shenanigans into the browsing process, from secretly sending bad software to your machine to tricking you into looking at a site that’s not what it claims, like imitating your bank’s website, for example, and getting you to enter your username and password.
So why do you see the “S” at the end of it sometimes? HTTPS is a secure version of the HTTP protocol. It has become the standard on the web, and now companies like Google are giving it a push for total internet saturation. Late last week, Google announced that its Chrome browser will label any site using HTTP as “not secure” in an effort to push consumers and site creators toward a safer internet experience.
What do HTTP and HTTPS actually do?
How is HTTPS more secure?
This also ensures that the information isn’t modified or corrupted in transit without detection. So, if an internet service provider tries to sneak some malicious code in with the content you requested, the browser will notice. Finally, it stops what are typically called “man-in-the-middle” attacks, in which a third party sneaks in between the browser and the server and replaces the data with other, typically harmful data.
By encrypting the data transferred between your machine and the web server, HTTPS makes sure that the site you’re viewing adds a basic layer of security.
Even if you’re not sending sensitive data like personal info and passwords to a HTTP site, it’s still possible for outside observers to look at aggregate browsing data of the users and “deanonymize” their identities by analyzing behavior patterns.
How does a site get the HTTPS designation?
What should you do if you find a site that isn’t HTTPS?
Other browsers are taking a similarly hard stance against sites that might expose user data. Firefox indicates that a site isn’t secure when it requires users to submit passwords.