HTTP vs HTTPS What is a Secure Server, and when are you really secure?
Most people are confused about what Secure Servers really are, and what the https protocol really is.
Https is a protocol that is used to send data from a web server to a web client (such as Safari, Firefox or MS Internet Explorer), and it sends it using a reasonable level of encryption. Any data you enter is secure while it is in transit to the web server, but that's not the real problem as it is only protecting your data from the time it leaves your computer until it arrives at the remote server.
If your computer has security problems or if the remote server has security problems, you're screwed. In every high-profile case of Internet security problems the security problem has been either at the vendor's site or on people's home computers. Its very rare to find a vendor who maintains a truly secure infrastructure and even more rare to find one who knows what should be done. The odds are very high that your personal information is not secure either on your home computer or on the servers of the companies you buy from -- even when they have an https in their URL.
To be secure, you should:
- Only purchase things online using a credit card
- Never, ever download and install any software from the Internet -- even if it's cool or is going to protect you -- unless you absolutely know everything there is to know about the software and the site you're downloading it from
- Never click on a URL that is contained in an email unless you're absolutely sure it's OK. This doesn't mean that you're getting an email from a friend who is computer savvy, so it must be ok to click/download. This means that everything makes sense, nothing smells fishy.
If you can, don't use Windows. The absolutely best computer operating system to use is a Unix variant -- such as Ubuntu or Linspire which are both fairly easy to use and are rather secure. Apple has been using Unix as its base operating system for a number of years and has had good success at maintaining a secure system.
The bottom-line is that the bad guys are smart, knowledgeable and are after your personal information. You've got to be careful out there,