For marketers
who love technology
Home » , , , » Why use a secure protocol over the Internet?

Why use a secure protocol over the Internet?


English: The Google HTTPS logo Italiano: Il lo...
English: The Google HTTPS logo Italiano: Il logo di Google HTTPS (Photo credit: Wikipedia)
Screenshot of Firefox 3.0 showing an error whe...
Screenshot of Firefox 3.0 showing an error when trying to browse https://svn.boost.org/trac/boost/ (Photo credit: Wikipedia)
After the spying of facebook by Lybia, Syria, and Tunisia during the arab revolution, after Snowden revelations, you might still wonder why use a secure protocol over the Internet. So, I thought it would be useful to go back to the basics and explain pedagogically the purposes of secure protocols such as HTTPS.

Here are the main purposes of secure protocols over the Internet and other media.

  1. Guarantee non-repudiation –
    • Know who I am talking to: 
      • Identity validated through certificates 
      • Prevent identity usurpation by malicious third parties 
      • Prevent man in the middle attacks 
    • Know that I have received what my interlocutor really sent 
      • Information integrity validated 
  2. Prevent eavesdropping (Hmm… Except by a state -- that's called legal interception
    • Ensure that third parties cannot understand the information flows –Prevent sniffing

The concept of legal interception is important: most state require the ability to intercept any communication from their citizen based on a legal decision. As in many countries, justice depends directly from the government, you are only a little bit safer with HTTPS.

You should be aware of the limitations of HTTPS:
  • the TLS SNI extension permits any man in the middle to know which domains you have browsed and how frequently, 
  • DNS queries reveal also the domains you have browsed.
So, to guarantee the safety of your communications, you need to buy a VPN service from a trusted foreign company. Alternatively, you can rent a server locate in Iceland for instance, and use ssh port forwarding to guarantee that all your communications to this proxy are fully encrypted.


SHARE

About Gilles

0 comments :

Post a Comment