Protecting Online Shoppers Against Cyber Attacks
The past year saw several high-profile cyber attacks, like the one that affected 70 million Target shoppers. Targeting your personal and financial data is big business, and even smart shoppers who protect their own information are at risk when they visit websites that aren’t up to the task. As the Target attack shows, even major retail sites can be vulnerable, not just those of small businesses. And with the holidays rapidly approaching, you may be pondering a return to the malls to keep your information safe.
It looks as if there’s good news for cyber shoppers. Some of the web’s largest and most important software companies are teaming up to provide free encryption for websites. These companies include giants like Cisco and Mozilla, along with some behind-the-scenes leaders you may not know, like Akamai, IdenTrust, and the Electronic Frontier Foundation. Their collaboration, Let’s Encrypt, is essentially the Dream Team of online security, with researches from the University of Michigan providing backup as the sixth man.
Six Partners, Six Principles
Let’s Encrypt lists its six principles as free, automatic, secure, transparent, open, and cooperative. The group wants to make adding TLS site encryption, the successor to SSL encryption, a no-cost, one-click operation. Open standards and improved security best practices for site operators and certificate authorities are also priorities.
Obviously, Security is Good
Free, hassle-free security means more of the sites you visit will help keep more of your personal information private, whether there’s a financial transaction or not. Even when you don’t buy something, visiting a site sometimes deposits files like cookies on your computer that hackers can use to access your information.
Additional encryption can have benefits beyond security, too. Google’s search algorithm provides preferences to encrypted sites, improving the odds that a quick search will help you find what you’re looking for in an era when going beyond the first page of a Google search feels like looking into the abyss.
Any Possible Downsides?
Surprisingly, governments aren’t necessarily in favor of increased security and encryption. This October, FBI Director James Comey noted that encryption makes electronic surveillance more difficult and asked tech companies to build government workarounds.
“They [US technology companies] aspire to be neutral conduits of data and to sit outside or above politics,” Robert Hannigan, head of Britain’s Government Communications Headquarters, an equivalent to our National Security Agency, wrote “But increasingly their services … are the routes for the facilitation of crime and terrorism.”
That’s not to say, of course, that any site you visit is going to be an ISIS front. But yes, extremists could possibly use free, openly available security measures designed for benign purposes in order to help secure their own extremist resources. Even so, that may be like saying door locks should be unavailable to anyone because criminals might use them.
Let’s Do It
Let’s Encrypt says its work will be available to site operators by Summer 2015. We look forward to it—how about you? Does the possibility that wrongdoers might use this work outweigh its utility for the rest of us? Will its implementation make you rethink your online habits, or make you more likely to shop online?
No matter your current habits, we doubt that one of them is appreciating a slow Internet connection. Accelerate the online activities you’re comfortable with by finding a faster plan.
Image by Yuri Yu Samoilov/Flickr
Author - HSI Staff
Will Smith is a copywriter living in Chattanooga, Tennessee. His favorite word is “petrichor,” and aside from wordplay, he loves reading history, watching Dodger baseball, and racing with the Sports Car Club of America.