I've read several blog posts by people who say that they refuse to visit or link to web sites that do not SSL.
I would never enter a credit card number of buy from a web site that does not use SSL, but I have never been so paranoid as to refuse to visit unencrypted web sites.
SSL does not encrypt the meta data left by your computer browsing. A hacker who finds out that you visited this blog will see exactly what you see when you visited this blog ... just a bunch of opinionated posts by a computer hack.
SSL certificates do not prevent advertisers from tracking your every move. They only prevent people who are sniffing web traffic on a router from seeing the content that you see.
I have not added SSL certificates to all my sites for a very simple reason. The certificates are expensive and require regular maintenance. A certificate for a single subdomain costs about $70 per year. (The sale price of certificate at Godaddy was $62 on 11/26/2015) Wildcard subdomains cost several hundred dollars.
The cost of SSL is prohibitive for charities, small businesses, and information sites.
This particular blog is hosted by Google on blogspot. I decided to turn on the SSL option. You can see the SSL version the site at https://communitycolor.blogspot.com. Google is a huge company at the center of the Internet world; So, I guess they are able to get wildcard SSL certificates at a sufficient discount that allows them to give the things away.
Turning on SSL is a simple matter of going into settings page on blogger.com and clicking SSL.
They only have SSL options for sites ending in blogspot.com. I cannot add SSL to my other blogspot blog blog.yintercept.com.
*It is possible to add a self-signed certificate to a web site.
Internet browsers raise a warning when you enter a web site with a self
signed certificate. I find the warnings silly because a site with a
self signed certificate is more secure than a site with no certificate.
No comments:
Post a Comment