• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Thanks for Helping Take Care of Security, Google

June 26, 2019 By Emil Hozan

By now, most folks should know the difference between hypertext transfer protocol (HTTP) and HTTP secure (HTTPS). If not, HTTP is human-readable content floating through the inner tubes of the magical Internet. HTTPS is an encrypted format of this content, ensuring only involved parties can communicate between each other. The latter is performed by registering a domain name and obtaining an SSL certificate. This certificate encrypts communications between a user and a specified domain name, preventing session hijacking amongst other forms of web attacks.

With developments in Internet security, HTTP Strict Transport Security (HSTS) is a level up in ensuring security. In a nut shell, HSTS is a hard-coded list of domains that are ONLY accessible via HTTPS; this list is available for most major web browsers. Attempting to access a site on this list without HTTPS is futile.

Thanks to Google, they’ve worked on helping shift the world’s Internet usage forward with security in the forefront of their minds. Google has launched several top-level domains (TLDs) that offer security for all subdomains of these TLDs – hassle-free for web developers! Sites hosted with a Google-provided TLD are automatically included in the preloaded HSTS list. This alleviates the need for web developers or those getting started from needing to worry too much about integrating security into their website. Note that there are other measures that can be taken but still, this is a great first step!

Steps like this, from companies with such a large presence, can help cause a worldwide shift. Cyber warfare is an ongoing war; the battles are won one fight at a time. In this case, the weapon of choice is HTTPS and its cousin, HSTS.

Share This:

Related

Filed Under: Editorial Articles Tagged With: Digital Certificates, encryption, hsts, http, HTTPS

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • Rustbuckets and Papercuts
  • Securing Healthcare Tech

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • Securing Healthcare Tech
  • Rustbuckets and Papercuts
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use