Monday, 28 May 2018

Now broadcasting in HTTPS

You might have noticed this blog and my other blog are now using secure HTTPS connections (as opposed to the so previous decade HTTP). Then again, you might have not, given how rarely I’m posting anything these days.
Still, it’s good to know you are more securely accessing my blogs nowadays.

I would like to add a short clarification to explain what you gain and what you do not gain by using an encrypted HTTPS connection as opposed to the open communication of HTTP.
Essentially, when using a well implemented HTTPS connection (in this case, as it is organised by Google, we can safely assume it is), you’re making it way harder for third parties (that is, everybody other than you and the site[s] you’re connecting to) to know what it is that you’re doing at the site.
However, you do not gain anonymity through the use of an encrypted connection. That is to do with many factors. For example, your internet provider has the ability to know who your first port of call is by virtue of providing you with that access. The main point, however, is that most of the rest of the world can tell, too, if they really want, by virtue of the mechanism with which your computer finds the location of the website you are after. That mechanism is called DNS (which stands for Domain Name System, in case you cared), which acts like a the phone book of websites: you want to go somewhere, say, to Google in order to run a search? Your computer will head to the DNS directory assigned to it in order to find out where this Google thing that you are after is. And the problem, on the anonymity side of things, is that those DNS queries are (but for a tiny few exceptions) always done in the open and without encryption.
And the lesson is: an HTTPS connection is likely to improve your security, but that by itself may not have benefits for your privacy.