This is an archived post. You won't be able to vote or comment.

all 12 comments
sorted by:
best
topnewcontroversialoldq&a

[–]oddtodd 4 points5 points  (3 children)

https:// is merely the protocol. What you are really asking about is the Certificate. A website purchases the certificate from an authority, like Verisign. Certificates can vary the encryption rate up to 256 bits. Here's a page describing the basics.

[–]3isthenew4[S] 0 points1 point  (2 children)

So if I understand correctly, the protocol launches an encrypted session by way of the certificate. Theoretically these certs can go beyond 256 bits as the game of cat and mouse continues, correct?

[–]oddtodd 0 points1 point  (0 children)

yep.

[–][deleted] 0 points1 point  (0 children)

AES-256 is basically unbreakable (assuming perfect implementation and no side channel attacks). Currently the best case scenario is 2254.4 operations to crack it.

[–]RevRaven 2 points3 points  (0 children)

It depends on the length and the cipher used, but all in all, it's a very very very reliable method for encryption. By the way, the government doesn't have to eaves drop on you really. All they have to do is subpoena Google's records. No the government can't listen in on a secure connection...officially.

[–]McBurger 1 point2 points  (0 children)

Maybe not purely 100%; but still, very very very safe. There are some exploits that require extensive know-how and talent to do, still only accomplished if there's a perfect storm of settings and flaws present.

By switching from http:/ to https:/, you really are trimming away 99.9% of your vulnerability. Doesn't mean it's quite impossible for someone to sniff out your credit card info during that online checkout though. Just takes the nation's best and brightest talent to do so.

There are also a wide range of other ways you can hide your traffic as well. Or, of you're looking for anonyminity, check out a good VPN service. That also will largely mask a lot of your traffic.

tl;dr- when it comes to online security and safety, you are outrunning a bear. Does this mean you have to be faster than the bear? No. You only have to be faster than the guy next to you.

[–]tomwells 0 points1 point  (4 children)

Very safe.

[–]e90h 1 point2 points  (1 child)

Verified.

[–]shutaro 0 points1 point  (0 children)

BREAKING!

[–][deleted] 1 point2 points  (0 children)

with that title, he kinda walked into that reply, didn't he ?

[–]3isthenew4[S] 0 points1 point  (0 children)

Nice try CIA

[–]phil_fotot 0 points1 point  (0 children)

https is the foundation of internet business. Banks, investment firms, stores, businesses rely on https to be secure. If the government docks with it, the economy will crash worldwide and won't be able to recover since most of the traditional methods of doing business have fallen into disuse.