We have been taking steps to make the CAT+FD site more secure. Most recently, we started serving all our content over a secure connection. From this point on, anytime you're visiting our site (including this blog) you may see "https://" at the beginning of the web address in your browser's location field. You may even see a little padlock symbol.
This varies from browser to browser, but here's how it looks on Chrome:
This means that all the content that flows back and forth between your browser and our site is encrypted, encoded, making it harder for anyone else to snoop.
Of course (unless you're CAT+FD staff) you probably aren't exchanging any sensitive data with our site. Still, it's a good idea, with increasing concern in recent years over civil liberties in an age of ubiquitous surveillance.
It might also be the wave of the future. More and more sites are supporting encryption. Google already favors secure sites in its search results.
Some browsers make it easy for you to examine a site's digital certificate. Here's how that looks in Safari:
This shows you that we are who we claim to be. DigiCert is a third party that verifies Xavier's identity.
Sounds pretty good, right? In fact, you may wonder why all your web transactions aren't secure. Well, it's the same reason why we don't all engage in good password behavior. We know it's good in theory, but in practice we defer and delay. Some sites you visit undoubtedly do support secure transactions — but only if you ask for it. You can encrypt as much as possible by using a browser extension like the Electronic Frontier Foundations's HTTPS Everywhere, available for Chrome, Firefox, Opera and Android.
Thanks to ITC for helping us to implement HTTPS.
Pingback: Just Encryption Part 1: Web Basics – CAT FooD