Forgot your password?
typodupeerror
Networking

+ - HTTPS is more secure,so why isn't the Web using it 1

Submitted by suraj.sun
suraj.sun (1348507) writes "HTTPS is more secure, so why isn't the Web using it?

You wouldn't write your username and passwords on a postcard and mail it for the world to see, so why are you doing it online? Every time you log in to Twitter, Facebook or any other service that uses a plain HTTP connection that's essentially what you're doing.

There is a better way, the secure version of HTTP — HTTPS. But if HTTPS is more secure, why doesn't the entire Web use it? Web security got a shot in the arm last year when the FireSheep network sniffing tool made it easy for anyone to detect your login info over insecure networks. That prompted a number of large sites to begin offering encrypted versions of their services via HTTPS connections.

ARS Technica: http://arstechnica.com/web/news/2011/03/https-is-more-secure-so-why-isnt-the-web-using-it.ars"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

HTTPS is more secure,so why isn't the Web using it

Comments Filter:
  • You can self sign a certificate.
    However, SSL only works with IP based virtual hosting, not with domain name virtual hosting.
    You can have hundreds or thousands of http sites on one IP (depending on the hardware and connection) but only one https site or part of site.
    It means that to offer a https login service you need a dedicated machine and most people do not think it's worth to get a dedicated machine unless they earn money with the website or need to process credit cards and such.

You can measure a programmer's perspective by noting his attitude on the continuing viability of FORTRAN. -- Alan Perlis

Working...