Spot the s, look for the lock
It’s been a few months since the last reader question column. Thank you for all the questions. Please keep them coming. I appreciate the back and forth. This month let’s answer an inquiry that several of you have e-mailed to me.
Cathy from Anna asks, “I keep reading all of these warnings about viruses, and I saw something on the news the other day about online scams. How do I know when it is ok to enter information on a website?”
Well, I’m not going to tell you that you should ever be one hundred percent trusting of any website, but there are some indicators you can use to “surf” securely. Anytime you look at a website, information is sent from your computer to the computer that hosts that website.
That computer is called a “web server.” Once the web server receives the request from your computer, it then sends the information requested back to your computer for your browser to display. You may be using one of several different browsers, i.e. Internet Explorer, Firefox, Chrome. It doesn’t matter which one you use. At their core, they all perform this function.
The problem is that normally the transmission of this information is sent in “plain text,” meaning anyone would be able to read it should they see it, which should be no problem, right? Well, there’s another issue. Rarely, do you make a connection directly to a web server when you surf the Internet. Rather, each piece of information transmitted, traveling in both directions, hops from server to server many times before it reaches its destination.
Let’s look at this process in action. Keep in mind these steps may be different depending upon what version of Windows you’re using, but for most of you the following process should work.
On your computer, click Start
Type “cmd” and click “OK” (or press Enter)
Type this in exactly: tracert www.icl.coop
Do you see all of those strings of numbers that appear? Those are all different web servers that your data gets pushed across in order to reach our web page. And, most of the time, that’s perfectly fine. What happens when you want to purchase something online, or visit your bank’s website? Do you really want your information sent out across that many servers? Remember, those servers are just computers, and you have no idea who owns those computers.
Ok, now that we’ve looked at why it’s bad to send that type of information over the web, let me show you how to know when you’re surfing securely.
Fortunately, in 1994 a little company called Netscape created something called “Secure Socket Layers,” or SSL to secure web browser communications over networks. Basically, SSL uses a complex system of key exchanges between your browser and the web server you’re communicating with in order to encrypt data before sending it out across all of those other computers over the web.
When you have an active SSL session open with a web server, you can say you are surfing securely.
But, how can you tell if a web page is using SSL?
There are really two ways. First, check the Uniform Resource Locator, or URL. That’s just a fancy way of saying check the address of the website you’re using. You probably didn’t have to type in the http:// in your web browser. Most browsers fill in that data now. But, if you look in the browser window at the top while you’re on a web page, you’ll see it. If there is nothing before the “www” (or the web address), then you’re browsing on standard http. Anything you send is not encrypted, and thus it’s not safe to transmit data that you consider sensitive.
However, if you see https:// before the URL, then you know you’re on a site with an active SSL session open. It’s very important that you see the “s” after the http. There’s also another obvious indicator.
It’s pretty standard practice these days for browsers to display a lock icon when you are on a page that has an active SSL session. Newer browsers usually keep the lock right by the URL. Older browsers have it located in various places on the screen. That lock is not just a little picture of a lock. Click on it and you’ll see data displaying the security certificate of the site you’re visiting. That way you can make sure you’re in the right place.
Ok, I hope that helps! Just remember, to be sure you’re surfing securely do two simple things:
Spot the “s” and look for the lock!