[24/08/2022]

Secure connections (https) - What lies behind them?

Rate this post 

SSL stands for Secure Socket Layer. There is a newer version of SSL called TLS (Transport Layer Security). Both options refer to cryptographic protocols. When these protocols are used, the browser displays a padlock in the address bar.

Google is probably the most powerful company on the Internet. It is also a big brother, a web attacker, and famous for tracking its users. Google has been trying to force webmasters to use SSL connections over the last few years. Most websites and people use its services, which means that many of the advantages of an SSL connection vanish because it will track you in the background. I avoid it like the plague.

Most webmasters and companies fear Google, and do all it says. They are afraid of being penalised. This is why most web addresses start with https.

For a website to use secure connections (SSL or TLS), a certificate must be bought. It is true that there are free alternatives, or you can even create your own certificate, which is not recommended because the majority of browsers will not recognise it. The prices of SSL certificates vary. It may cost twenty dollars or a thousand dollars a year. Some companies are making a lot of money because of SSL certificates.

Something said over and over again by those in power or in an influential position may become a rule, even if it is not true. A case in point is the use of SSL certificates. Many websites do not really need them. However, they are a must for those websites that handle sensitive information.

On the other hand, SSL connections can cause trouble: Anyone that enters a site with an old browser may not be able to view it because the SSL handshake between the website and the web browser will fail. In other words, the web server will not support the encryption algorithms of the old browser, and issue a warning such as "A (secure) connection could not be established". The user will not be allowed to visit the website, as a result. If the SSL certicate expires, the browser will complain and will not display the website. If the date or time is set incorrectly in the user's machine, the web page will not be shown either. Any mistake you make when you set up the secure connections to your web server will have disastrous consequences for your business or website. And so on, and so forth.

Please note that public WI-FI networks are not secure at all, and pose a huge risk, since the owner of the network can gain complete access to your device, and view your photos, documents, and so on. Avoid them at all costs. Use your mobile data instead.

You may find the following article interesting: Dangers of public Wi-Fi: How to use open networks safely. (Source: https://clario.co/blog/public-wi-fi-security-risks/)

 

Now let's list some examples below:

 

Warning: Potential Security Risk Ahead

Firefox detected an issue and did not continue to www.example.com. The web site is either misconfigured or your computer clock is set to the wrong time.

It’s likely the web site’s certificate is expired, which prevents Firefox from connecting securely. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

What can you do about it?

The issue is most likely with the web site, and there is nothing you can do to resolve it. You can notify the web site’s administrator about the problem.

 

Warning: Potential Security Risk Ahead

Firefox detected a potential security threat and did not continue to www.example.com. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

What can you do about it?

The issue is most likely with the web site, and there is nothing you can do to resolve it. You can notify the web site’s administrator about the problem.

Learn more…

Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for www.example.com. The certificate is only valid for example.com.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

View Certificate

 

A private connection to www.example.com can't be established

because your computer's date and time (Friday, 17 December 2021 at 14:18:00) are incorrect.

NET::ERR_CERT_DATE_INVALID

Help me understand

To establish a secure connection, your clock needs to be set correctly. This is because the certificates that websites use to identify themselves are only valid for specific periods of time. Since your device's clock is incorrect, these certificates cannot be verified.

 

Your connection is not fully secure

This site uses an outdated security configuration, which may expose your information (for example, passwords, messages, or credit cards) when it is sent to this site.

NET::ERR_SSL_OBSOLETE_VERSION

Help me understand

The connection used to load this site used TLS 1.0 or TLS 1.1, which are deprecated and will be disabled in the future. Once disabled, users will be prevented from loading this site. The server should enable TLS 1.2 or later.

 

Secure Connection Failed

An error occurred during a connection to www.example.com.

Error code: PR_CONNECT_RESET_ERROR

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the web site owners to inform them of this problem.

 

Secure Connection Failed

An error occurred during a connection to www.example.com. The peer used an unsupported combination of signature and hash algorithm.

Error code: SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the web site owners to inform them of this problem.

 

In short, if you feel that your website does not require SSL encryption, do not use it because it is very restrictive. Moreover, everybody will have access to your website, and you will not have to worry about anything.

 

I include some related news about Google's tracking below:

• Google services including Search, YouTube, Gmail, Google Maps, etc., have penetrated your lives and Google knows more about you than you might think. Google says collecting data improves its services. However, a large number of users disagree and are looking for ways to keep Google from tracking their location, web browsing, and more. Here’s how to stop Google tracking. (Source: https://pandavpnpro.com/blog/stop-google-tracking)

• YOU'RE PROBABLY AWARE that Google keeps tabs on what you're up to on its devices, apps, and services —but you might not realize just how far its tracking reach extends, into  the places you go, the purchases you make, and much more. (Source: https://www.wired.com/story/google-tracks-you-privacy/)

• It's creepy when someone knows where you are without you telling them, and it's just as creepy when a company knows. If you use one of Google's apps on your iPhone or Android device, there's a chance the company knows your location. While your Google account's location history is disabled by default, there could be other culprits. Some Google apps could be storing your location with a timestamp. (Source: https://www.cnet.com/tech/services-and-software/google-is-probably-tracking-you-but-you-can-stop-it/)

• Google tracks your location as part of its drive to gather as much data as possible from its users to help it target advertisements. (Source: https://www.thesun.co.uk/tech/16843836/google-tracking-you-app-setting-stop/)

• Google faces $5 billion lawsuit in U.S. for tracking 'private' internet use. Google “cannot continue to engage in the covert and unauthorized data collection from virtually every American with a computer or phone,” the complaint said. (Source: https://www.nbcnews.com/tech/security/google-sued-u-s-tracking-users-private-internet-browsing-n1222676)

• When you use the web, you send data about your activity and location back to Google and other sites. Aside from cookies, Chrome tracks you through a number of identifiers. These include: IP address, Log-in information, Browser user agents and more. (Source: https://clark.com/technology/google-chrome-do-not-track/)

• “In reality, regardless of the settings they select, consumers who use Google products have no option but to allow the Company to collect, store, and use their location,” the suit states. “Simply put, even when a user’s mobile device is set to deny Google access to location data, the Company finds a way to continue to ascertain the user’s location.” (Source: https://www.wsj.com/articles/states-file-new-suits-against-google-over-location-tracking-11643037890)

• The U.S. government is reportedly secretly issuing warrants for Google to provide user data on anyone typing in certain search terms, raising fears that innocent online users could get caught up in serious crime investigations at a greater frequency than previously thought. (Source: https://news.yahoo.com/government-secretly-orders-google-track-151000879.html)

• A coalition of seven consumer organisations is filing complaints with local data protection regulators over Google's tracking system. (Source: https://www.bbc.com/news/technology-46356999)

• Criticism of Google includes concern for tax avoidance, misuse and manipulation of search results, its use of others' intellectual property, concerns that its compilation of data may violate people's privacy and collaboration with the US military on Google Earth to spy on users, censorship of search results and content, and the energy consumption of its servers as well as concerns over traditional business issues such as monopoly, restraint of trade, antitrust, patent infringement, indexing and presenting false information and propaganda in search results, and being an "Ideological Echo Chamber". (Source: https://en.wikipedia.org/wiki/Criticism_of_Google)

• To make a long story very short, Google can track you even if you are using a VPN. You can make it extremely difficult for Google to tie your computer’s IP address to a location, but we will discuss that in more detail later on in this article. One of the main reasons is because of how Google ties so much of what you do to your Google account. (Source: https://cofes.com/can-google-track-vpn/)

• Google Analytics — a free Google service used by millions of websites and apps — is actually the biggest cross-site tracker on the Internet, lurking creepily behind the scenes on around 72.6% of the top 75k sites. While “analytics” sounds harmless and is in fact something websites need to improve their services, what’s happening underneath the hood with Google Analytics is anything but harmless or necessary. (Source: https://spreadprivacy.com/how-does-google-track-me-even-when-im-not-using-it/)

 

In conclusion, do yourself a favour and stop using Google once and for all. By doing so, that tyrant can be defeated. Furthermore, there are alternatives to Google.


The number of votes and the score (from one to ten)
The number of votes received: 40
The average score: 4.33
 
Comments
• You can encrypt and unencrypt this weblog (Written by Miquel Molina — 20/03/2023)

Now you can encrypt and unencrypt the pages at Polseguera.com, that is, you can choose between https and http. Please note that if you use an old browser, the website may not be displayed with an encrypted connection. In this case, you only have to switch from https to http.

 

 
Post a comment
Name:


Email: (It will not be published. You may leave this field blank if you wish.)


2 + 2 = ?

Please write the sum of two integers above.

Title:


Comments:

Code:



All rights reserved.

 

 
 
Available Weblogs

Start Page