Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Far Have We Come With HTTPS? Google Turns On the Spotlight (networkworld.com)

Posted by BeauHD on from the legitimacy-of-websites dept.

alphadogg writes from an article on NetworkWorld: HTTPS is widely considered one of the keys to a safer Internet, but only if it's broadly implemented. Aiming to shed some light on how much progress has been made so far, Google on Tuesday launched a new section of its transparency report dedicated to encryption. Included in the new section is data highlighting the progress of encryption efforts both at Google and on popular third-party sites. "Our aim with this project is to hold ourselves accountable and encourage others to encrypt so we can make the Web even safer for everyone," wrote HTTPS evangelists Rutledge Chin Feman and Tim Willis on the Google Security Blog.

5 of 84 comments (clear)

  1. Congrats Slashdot! by gQuigs · · Score: 5, Insightful

    This is the first time one of these stories have come up and slashdot has had HTTPS enabled!

  2. Re:Google knocks Apple, Bing and Microsoft by Hentes · · Score: 1, Insightful

    Why is it better to force users to use https instead of letting them choose? I hate this modern trend when removing features is considered "progress".

  3. Re:Just one problem by Cramer · · Score: 2, Insightful

    Exactly. It's just more theater. 99% of those "cheap" ssl certificates are not validated AT ALL. People are blindly putting trust into a system that has none.

    And on top of this, SSL is an exceptionally expensive computation. It takes rather expensive dedicated hardware to handle at any meaningful rate. (go play with the opensssl speed tool to see for yourself)

  4. Re:Google knocks Apple, Bing and Microsoft by NatasRevol · · Score: 1, Insightful

    Adding security is now removing features?

    Fat, drunk and stupid is no way to go through life, son.

    --
    There are two types of people in the world: Those who crave closure
  5. Re:Google knocks Apple, Bing and Microsoft by DavidRawling · · Score: 4, Insightful

    And because we need to ~double the amount of data used by all the hamster forums, cat videos and aircraft curation guides, especially when a lot of the world's users are on slow or data-limited connections?

    Look. I get that it's good to ensure that there's no injected content, and that you know you're connected to the site you want - but that's only true for 1% of the population. The rest of the world wouldn't know the difference between https://www.example.com/member... and https://www.example.com.member.... Both "secure" because they're HTTPS, right?

    Factor in all the browsers deciding that privately-signed sites are worse than plain http, that no-one needs to actually SEE the protocol, or the URL, that all the certs are issued by a cabal of companies who just see the benefit of charging for a NUMBER, but barely doing validation ... but sure. "Adding security". Right.