101 Useful things to know. #3
I wrote this post after being sent a link to a podcast featuring one of my favorite investors Charlie Songhurst. If you don’t know who he is, look him up – he’s invested in hundreds of companies across the world.
The link I was sent was http://investorfieldguide.com/songhurst/ – notice anything? The URL should be https:// NOT http:// with the ‘s’ denoting it it secure.
And in my browser address bar i can see ‘Not Secure’
Every site should have a secure certificate now. There is no reason at all not to have one. It’s either free or extremely cheap and easy to do.
For anyone unsure what that is, SSL certificates are a small data files that cryptographically establish an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.
These are easy to set up, in fact if you set up a website on Amazon Web Services or Fasthost you can do this, for free, in minutes. (Note: if you use a web agency to setup or move your website and they charge you a lot of money to ‘set up your SSL’ – point them here and ask them why).
When you visit a site and look in the browser address bar you should see a padlock like this:
If a website is unsecured you have no way of knowing if the moment you land on a page with a form to fill in and submit, the information you enter can be intercepted by a hacker.
This information could be anything from details on your bank transactions to an email entry to register for an subscription.
But this post is not about how to get an SSL for your website but how to be alerted when you visit a site that isn’t secure. Most browsers now have some kind of warning system built in but I’ve found the best thing to do is add the EFF plug in “HTTPS Everywhere”. You can download it for every browser here.
Once installed it appears in your browser and has a mini control panel as seen below:
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
Built by Electronic Frontier Foundation the protects you from websites that are malicious or badly configured.
So now it’s installed, when I visit http://investorfieldguide.com/songhurst/ again I get a warning and can now make a decision whether to visit this website or not and whether i will allow it on this visit only or for subsequent visits as well.
In this case I’m happy to proceed, am pretty confident that the Investor Field Guide will be ok. But maybe next time you click a risky facebook or Twitter link this might just save you from giving your data to a compromised website.