I would like to give a quick shoutout to the folks at Let’s Encrypt that have done a great job at making the web a better place. Do you ask why I care about SSL protected web pages?
- prevents possible intruders from tampering with the communications between this website and you, my fellow readers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages.
- prohibits intrusions. It is possible to exploit unprotected communications and to trick users into giving up sensitive information or installing malware, or to insert their own advertisements into website resources. For example, some third-parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities. It is probably not my case, but the greater Encrypt the web initiative is a cause worth pursuing.
- protects resources that travel between this website and your browser. Images, cookies, scripts, HTML… they’re all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP, just to name a few.
Would you give your PC to a complete stranger in Starbucks and leave? I would not and therefore I will not do the same to my page. I agree that reading some page on the web is different than giving someone access to your Facebook pictures. But is it really? How often do you open web pages over a insecure Wi-fi? Do you trust each and every wire you are connected over?
Letsencrypt is a free SSL certificate authority by the folks from Mozilla, Cisco, Akamai, Facebook and many others. If you own, manage or run a page, give them a try. Make the web a better place.
Without further ado I announce that martinkysel.com is now HTTPS.