Wow, I didn’t know this! Thanks, Lynne Fellows for bringing Paul White’s article to my attention. Everyone should know these distinctions.
A secure connection does not mean a secure site
The green lock means that the site has been issued a certificate and that a pair of cryptographic keys has been generated for it. Such sites encrypt information transmitted between you and the site. In this case, the page URLs begin with HTTPS, with the last “S” standing for “Secure.”
Sure, encrypting transmitted data is a good thing. It means that information exchanged between your browser and the site is not accessible to third parties—ISPs, network administrators, intruders, and so on. It lets you enter passwords or credit card details without worrying about prying eyes.
But the problem is that the green lock and the issued certificate say nothing about the site itself. A phishing page can just as readily get a certificate and encrypt all traffic that flows between you and it.
Put simply, all a green lock ensures is…
View original post 562 more words