Today I watched Eric Snowden’s address at SXSW, transcript. It was a very interesting discussion. One of the more interesting and recurring themes mentioned as a way to protect personal data is called Encryption. It dawned on me that some people may not know what this is, so I’m here to explain!
There’s a whole lot of information that we don’t want other people to see, such as:
Social Security numbers
Sensitive company information
Encryption is the process of encoding (or making secret) information so that only the person (or computer) with the key can decode it (HowStuffWorks). While there are many ways to encrypt information what I want to focus on the easiest way to tell if a website you frequent is encrypting the information you provide. The way to tell is with HTTPS (Hypertext Transfer Protocol Secure ). It describes HOW websites should transmit data.
Let me give you an example – You open your browser and head over to your bank’s website, say Chase. When you get to the site, you enter your username, password and click on the button that says Log In.
What happens to the information (username, password) that you entered? How do we make sure that no one can easily intercept (or hack) the data and log in to your account later?? As mentioned earlier, the HTTPS protocol mandates that this information be transmitted in a secure way… For the sake of this post, you don’t have to understand any more details than that!
What I want to focus on is how you can tell if a website you frequent is following the HTTPS protocol. That’s important because if you log into a site that does not use HTTPS, it’s like the equivalent of writing your username and password on a postcard and mailing it for the entire world to see (Slashdot). The simplest way is to look at the browser bar – you know, where you typed “chase.com”. If the site is using one of many encryption methods, you will see https://www.chase.com/ instead of http://www.chase.com/. Go ahead and try it out on your favorite sites…