How safe is your browser?
A typical internet user probably doesn’t realize the measures that are being taken to protect them from hackers, malware, and spybots on a daily basis. Just to give you a little background on web security, website owners pay 3rd party security companies to ensure that the content that they are sharing with their users is safe. Many of you have probably noticed that when you are on a secure page instead of the link beginning with ‘http://’ it will actually read ‘https://’, the ‘s’ meaning it’s secure. In many updated browsers you will now see a lock that is found next to the html link in your browser that will be locked if you have a secure connection to a webpage.
The way that the majority of these secure sites are setup is through a system that uses SSL, or Secure Socket Layer. To put it in simpler terms, a website will pay one of a few different companies for an SSL certificate which will basically assign an encryption key to that website and any user who wants access to it. From there both parties will be able to trust that they are each who they say they are and everything should run smoothly.
According to a Jersey City, NJ SSL certificate company, Comodo, there was a breach in the system that allegedly came out of Iran. Apparently somebody in Iran was able to obtain fraudulent certificates and imitated companies such as Google.com, Yahoo.com, and Skype.com. This is a very big deal because any personal information such as usernames or passwords that are entered will all be captured by whoever is doing the impersonating. Essentially these people could ask for bank, credit card, or other personal information from you and actually appear to be who they say they are.
All web browsers have different ways of going about checking the authenticity of a certificate but in the end they are all verified by these 3rd party companies such as Comodo. There are lists of companies that the different web browsers trust, but some browsers verify these sources more often than others. The biggest problem right now is that there are too many different entities that have access to everything. Essentially a master key is being passed around and if any of them are compromised it could leave a lot of people vulnerable. The website where I accessed this article put it into simpler terms, “It’s as if hundreds of superintendents in New York City had the master keys to every unit in every apartment building–as opposed to the normal practice of one master key per each superintendent.”
At the moment both the internet browsing companies and the 3rd party certifiers are revising their strategies to ensure safety and privacy. The most important part in all of this is that the problem was caught in it’s early stages. Luckily nothing was found to be compromised yet and this will hopefully be a lesson that will only make the internet a safer place in the future.
Thanks for reading! You can read more at http://news.cnet.com/8301-31921_3-20050255-281.html
Don’t forget to take the quiz!
Entry filed under: Uncategorized.