HTTP vs HTTPS

HTTP vs HTTPS are the two mainly used protocols to transfer data on the web. HTTP stands for hypertext Transfer Protocol. It is no doubt the most widely used protocol in the world today. Http is the protocol that is used for viewing web pages on the Internet.

When you type in a web address like techpappy.com you’ll notice, that HTTP is automatically added at the beginning of the web address, and this indicates that you are now using HTTP to retrieve this web page now in standard HTTP.

HTTP

In HTTP, all the information is sent in clear text. All the information that is exchanged between your computer and that webserver, which includes any text that you type on that website, that information is transferred over the public Internet and because it is transferred in clear text it is vulnerable to anybody who wants it.

Normally this would not be a big deal if you were just browsing regular websites and no sensitive data, such as passwords or credit card information, are being used.

If you were to type in personal sensitive data, like your name, address phone number, passwords or credit card information, that sensitive data goes from your computer and travel across the public Internet to that web server and this makes your data vulnerable because a hacker on the Internet can listen in as that data is being transferred and steal your information.

No one that I know would feel comfortable knowing that intruders are looking at their information as it travels around the web.

This is a very big problem as far as security is concerned. This is why HTTPS was developed. Https stands for secure, hypertext Transfer Protocol, and this is HTTP with a security feature, secure HTTP encrypts the data that being retrieved by HTTP.

data

HTTP ensures that all the data that are being transferred over the internet between computers and servers are secure by making the data impossible to read, and it does this using encryption algorithms to scramble the data that are being transferred.

For example, if you were to go to a website that requires you to enter personal information such as passwords or credit Card numbers, you will notice that an S Will be added to the HTTP in the web address area.

This S indicates that you are now using secure HTTP and have entered a secure website where sensitive data is going to be passed and that data is going to be protected. In addition to the S, some web browsers will also show a padlock symbol in the address bar to Indicate that the site is secured.

The data is sent scrambled in an unreadable form as it travels across the internet. If a hacker were to try and steal your information, he would get a bunch of meaningless data because the data is encrypted and the hacker would not be able to crack the encryption to unscramble the data that is now secured using HTTPS. HTTP protects the data by using one of two protocols and one of these protocols is SSL or secure Sockets Layer protocol.

SSL encryptions

SSL uses public key encryption to secure data. Basically, this is how SSL works. So when a computer connects to a website that’s using SSL, the computer’s web browser will ask the website to identify itself. The web server will send the computer a copy of its SSL certificate. An SSL certificate is a small digital certificate that is used to authenticate the identity of a website.

Its primary use is to let your computer know that the website you’re visiting is trustworthy. The computer’s browser will check to make sure that it trusts the certificate and if it does, it will send a message to the web server to get an acknowledgement response.

After that security check is complete, encrypted data can now be exchanged between your computer and the web server. There is another protocol that secure HTTP can use. It is called TLS or transport layer security.

TLS encryption

It is the latest industry standard cryptographic protocol. It is the successor to SSL and it is based on the same specifications like SSL. It also authenticates the server client and encrypts the data. It is also important to point out that a lot of websites are now using secure HTTP by default to transfer sensitive data or not.

This has to do with Google. Google is now flagging websites as not secured if they are not protected with SSL. If a website is not SSL protected, Google will penalize that website in their search rankings.

That is why if you go to any major website, you’ll notice that secure HTTP is being used rather than standard HTTP.

Leave a Comment