Most Internet traffic is now sent over an HTTPS connection, making it "secure." In fact, Google now warns that non-encrypted HTTP sites are simply "not protected."
So why are there so many malware, phishing, and other dangers on the Internet?
"Safe" sites only have a secure connection.
How the inscription in the address bar can be misleading about the security of the site
Chrome used to display the word "Secure" and a green padlock in the address bar when you visited a website using HTTPS. In modern versions, Chrome just has a green lock icon, without the word " Safe."
Partly because HTTPS is now considered a basic standard for an updated browser. Everything should be secure by default, so Chrome only warns you that the connection is "Unsafe" when accessing the site via an outdated HTTP connection.
The word "Safe" also disappeared because it was misleading. It looked like Chrome vouched for the content of the site as if everything on that page was "safe." But this is not the case. A" secure " HTTPS site can be filled with malware or be a fake phishing site.
The https encryption Protocol, while remarkable, doesn't just make the connection secure. It is similar to the standard HTTP Protocol for connecting to websites, but with a level of secure encryption.
This encryption prevents people from tracking your data when it is transmitted to a particular site and stops man-in-the-middle attacks. For example, no one can track the payment details you send to the website.
In short, HTTPS ensures that the connection between you and this particular site is secure. No one can eavesdrop or interfere. That's all, it doesn't mean that the site is "safe".
HTTPS works great and all websites should use it. This means that you are using a secure connection to this particular website, that the website operator has purchased a certificate and installed encryption to secure the connection
The word "Secure" says nothing about the content of this website.
For example, a dangerous website full of malicious downloads may communicate with you via HTTPS. All this means that the website and the files you upload are sent over a secure connection, but they may not be secure.
Similarly, a criminal can buy a domain, for example, "bankorosia.com", obtain an SSL encryption certificate for it, and emulate the real website of the respective Bank.
It will be a phishing site with a" security " lock, but that means you only have a secure connection to this fraudulent site.
The role of HTTPS is still great
Although the phrase "secure site" has been used by browsers for years, HTTPS sites are not really "secure".
Websites that switch to HTTPS help solve some problems, but do not stop causing damage from malware, phishing, spam, attacks on vulnerable sites, or other online scams.
The transition to the new Hypertext Transfer Protocol, still great for the Internet! According to Google statistics, more than 80% of web pages downloaded to Chrome from Windows are downloaded via HTTPS.
This transition makes it difficult for criminals to intercept personal data, especially on public Wi-Fi networks.
It also greatly minimizes the chance that you will encounter a "man in the middle" attack on public Wi-Fi or another network.
For example, say you download an installation file .exe programs, from a website, while connecting to a public Wi-Fi network. If you are connected to a non-secure, now, HTTP Protocol, the Wi-FI operator can interrupt the download and send you another, malicious one .exe file.
If you are connected to HTTPS, the connection is secure, no one will be able to interfere with the download of your software.