The growth of cyber-attacks and the widespread news about watching by governments has resulted to the fact that the network has become filled with massive calls for improving security. An important aspect of this approach – encrypt the traffic that is coming from the site and to the site. Google, Facebook, Microsoft – companies that are making efforts to pushing SSL / TLS encryption (Secure Sockets Layer / Transport Layer Security), although it can be quite difficult and expensive to implement. Here are the basics of what you need to know.
What is SSL / TLS
Its protocol, which was partly developed by Netscape back in the 1990s. It was necessary in order to ensure the authenticity of the site and to allow the transporting of data in a secure way between end users. It creates a secure connection by using public key cryptography, which is reflected in the form https and the padlock in the address bar of your browser.
Why is it so important?
Communication via protocol http: // can be intercepted by hackers. Data can be intercepted or stolen, creating security and privacy risks for users. Virtually all reputable banks and e-commerce sites today use SSL / TLS, however many smaller sites still have not switched to HTTPS, which is a hole in the security.
Is it difficult to set it up?
SSL / TLS is hard enough to apply, especially for very large sites. Organizations such as CAs, selling different types of digital certificates that are used to test Web sites. Depending on the type of certificate, CAs verify the legitimacy of the object for protected against fraudulent Web sites. However, certificates can be quite expensive, and critics say the cost and complexity deterred from buying SSL. Certificates also expire on the expiration date, and it is important that admins know that they can renew certificates.
Is there any weaknesses?
Actually, a lot. Cybersecurity experts tracked a lot of attacks, which have been associated with the use of SSL / TLS connections. The OpenSSL vulnerabilities have been found, for example, Heartbleed. CAs may also be randomly hacked, and certificates issued to sites, which was involved in phishing operations.
What has been done with these problems?
Recently there has been a wide move to certificates on the network. Bugs in the TLS / SSL quickly corrected with the discovery of new types of attacks. SSL / TLS alternatives in the near future is not expected, as it would require for the entire industry to global adoption of the new standards. Currently one of the most important tasks is to protect the private SSL / TLS keys and security modules.