Featured post: How to Make Sure Your Information is Safe Online

It seems like there is an almost constant stream of online security scare stories in the press nowadays. Whether it’s Adobe accidentally spilling 38m user names and passwords (hint: the most popular password with almost 2m users having it was 123456) or some poor unsuspecting schmuck buying Christmas presents from a shiny online store that isn’t really a shop but just a site to take your money and poop on your dreams (or something equally as melodramatic).

Whilst there isn’t a great deal you can do about someone like Adobe getting hacked, you can make sure that you have a different password for all your main sites and if it’s too difficult to remember all these alpha-numeric passwords (don’t go for 654321 or anything like password, okay?) just get a password locker app for your phone. There’s a good round up of these on Wired.

Generally though, there are somethings you can do to make sure you’re looking at a proper website that has more than a passing interest in keeping your information safe. Most websites start with http://. The http stands for hypertext transfer protocol if you’re interested, and even if you’re not, you should be because it leads us on to https, which stands for hypertext transfer protocol secure. That final word should probably cut through all the jargon for most people because secure means safe. Https sits on top of a system called SSL, which stands for secure socket layer. Basically it allows for the creation of an encypted connection between you and the server of the site running https by using what’s called public and private key encryption. In order to run this sort of encrypted link, the site needs what is called a SSL certificate. There are a finite number of organisations that issue these certificates, and a lot of them are closely linked to anti virus companies so in theory, if a website is dodgy, you shouldn’t get an SSL connection or at the very least your browser will come up with a warning about the certificate being unverified. SSL online security from Thawte amongst others, will ensure that as a visitor, you can be pretty sure that you’re not going to get into murky waters online.

If you’re interested, in Chrome you can check the security by clicking on the padlock icon near the address and you can view the details of the security:

This one is for Amazon, and it shows the identity of the website has been verified, the certificate has been issued by VeriSign and, hurrah, the connection is secured with 128-bit encryption. Encryption is good and by extension, you should probably feel a warm glow of safety when you see the padlock symbol.
Of course nothing is infallible and sometimes n’eer do wells in Iran manage to trick a certificate issuer into giving bogus certificates for domains that looked like they should have belonged to sites like Google and Yahoo!. This would have allowed the attacker to steal login credentials from anyone who entered a username and password into the fake page. 
So SSL is an important part of your online safety net but it should only be part of it. Savvy use of passwords, perhaps only using credit cards (where fraudulent use wont stop you having cash in your pocket) for online shopping, should also be considered, as well as a decent virus scanner and the latest up to date version of whichever web browser floats your boat. If you’re actually a retailer wondering where to buy SSL products , the aforementioned Thawte, one of the larger providers, for example, is pretty well priced for businesses.