Which Protocal is More Secure http or https?

This reminds me of an interview question I asked somebody once, and we asked what is HTTPS? And they said it's faster than HTTP.


http protocol:

Let's first take the HTTP part. That stands for Hypertext Transfer Protocol. Sounds like a lot of jargon. What hypertext is, is essentially the content you're viewing in your web browser. And it's the method of transferring that between a server, a web server on the internet, into you, into your browser. HTTP, by itself, sends that communication in the clear, it's not encrypted between you and the web server.

https protocol

Now, if you add the S onto it, HTTPS, S stands for Secure. And what that means is that it uses essentially a different protocol that encrypts that transmission to and from the server. If you're sending or receiving information to and from a web server, you should make sure that it's to an HTTPS address, and not to an HTTP address.


And also pay attention to your browser to when it says Not Secure, because that means that information you're sending to and from that server is actually being sent completely in the clear over the internet, and anybody, whether it's on your local network or at your ISP, or somewhere along the path, the vast amount of space between you and that web server out in the internet could be intercepting that transmission and read everything that's going to and from.

Now, what that doesn't tell you is that you can trust the site that you're actually visiting. And it doesn't tell you that the site that you're visiting is legitimately the site that you think you're visiting. So it's important to actually look at the address that's in the address bar.

If that address says www.example.com and it's spelled correctly, and it's HTTPS, well then there's a high level of assurance that you're actually visiting example.com.

If it says secure and it's HTTPS, and it says dubdubdub.example.co. some country code, or it says example, or it has some misspelling of our exchange name, that's not correct site. Do not visit there, do not enter information there. It's really important that whatever website you're visiting, that you just don't rely on when it says secure versus not secure, because that does not tell you whether or not that website is legitimate. 

All that tells you is that the connection between your browser and the web server is a secure connection, it is an encrypted connection. But keep in mind that any criminal on the planet can go and register a SSL certificate, an encryption certificate, and put it on a web server, and it would say that it is secure.

Post a Comment