We all browse tons of websites every day. Most users want to feel safe while doing that. For an average user it will be hard, if not impossible, to open the website’s source code in real time and check it for malicious parts. And even if you do that there are no guarantees that you’re safe. For that reason, reputable websites deploy security solutions.
One of the most popular security solutions for a website is HTTPS. Each website we visit uses a channel to pull the traffic through certain transfer protocols. HTTP (Hypertext Transfer Protocol) is currently the most widely used protocol on the Internet. Many users use web content, communicate and exchange data by means of HTTP.
Common Certificate Types
Most websites that do not serve for exchanging private info use regular HTTP without encryption:
Such websites have a gray globe in the left upper corner. This means no encryption is used and there’s also no info about the domain either. Many users may not know that HTTP is vulnerable to attacks and also an intruder can perform so called “man-in-the-middle attacks”. An optimal solution to this problem exists. It is called HTTPS. It uses the same HTTP technology but also applies SSL or TLS encryption to any connection made on the specific website which has HTTPS enabled. Any website that values security of its users has HTTPS enabled at all times.
As a user you can manually check if website has HTTPS enabled by clicking on the icon in the left upper corner of the web page. In the case the website has HTTPS enabled the icon will have a form of a padlock. By clicking that lock icon you will see a statement that the connection is secure and also that the website has been verified by an authorized company.
As we see from Wikipedia example, the website has secure HTTP or HTTPS enabled verified by GlobalSign. The gray HTTPS, however, does not validate the domain belongs to a certain owner. Not every website needs such verification. Financial security services, however, appear less credible without this info. Therefore, they go through a more sophisticated verification procedure using an Extended Validation certificate (EV). This is the highest level of verification that a website can get nowadays. It ensures the connection is protected with encryption and that the domain name belongs to a person or a legal entity. In this case, the padlock is green.
Privatoria as a provider of security services is verified by GeoTrust using the EV certificate.
Web services to check website integrity
There are a number of websites which will be helpful in checking a website for threats.
Common examples are:
It gives you information about: computer threats, identity threats, annoyance factors, Organizationally Validated SSL, SSL encryption, Privacy protection, etc.
This service is powered by McAfee. It offers overall verdict on security, feedback and comments from users. It also checks website for the presence of harmful links and upload files.
This service is powered by GeoTrust and provides the info whether the checking site certificate was issued by GeoTrust. You can see website’s registered domain, domain validity, website’s security info and website’s identity info. You can always check Privatoria SSL certificate here.
It is important to point out that not every website needs an HTTPS protection. Therefore, if you read news or watch kittens on a website that does not have HTTPS enabled you’re not necessarily in trouble. Those users who prefer to visit only HTTPS-protected sites might want to try HTTPS everywhere browser extensions that blocks regular HTTP websites.
[Total: 0 Average: 0]
Interested? Try it!
We are happy to announce the start of Bring-a-Friend program that gives an opportunity to get a month of FREE security […]
Travelling is Life. Travelling is Freedom. Full stop. No further comments, explanations or reasons are required to make you join […]
Black Friday sale from Privatoria is coming! Get 70% OFF for your anonymous and secure web surfing. A great chance […]