3.4 How secure is your browsing?
Web browsers have made it easy to determine if a website is using TLS/SSL by:
- Making all secure addresses begin ‘https://’ (rather than ‘http://’) with the s standing for ‘secure’. Examples include Gmail, at https://mail.google.com/ [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] ; Google defaults to Google Safe Search at https://www.google.com/, which means that your search requests and results cannot be seen by others.
- Showing a closed padlock symbol in or near the top of your browser window.
Activity 2 Your own browsing security
Visit a website that you use regularly (it could be this one!) and find a page that you would expect to use a secure network connection. A common example would be your webmail account or online banking website. Use your browser’s help feature and click on the padlock icon to find out about its meaning.
Research browsing security online. You might find that your browser shows different versions of the padlock to highlight potential problems with the secure connection.
Up until 2019, the DNS information requested was sent as plain text and could be intercepted even when the data being sent or requested was encrypted. From 2019, it has become possible for DNS requests to be encrypted. In a Firefox browser go to settings, then network settings and select the enable DNS over HTTPS checkbox.
As mentioned in Week 4, Chrome 78 is also experimenting with this feature, which can be enabled by browsing to ‘chrome://flags/’ in your Chrome browser, searching for ‘dns-over-https’ and enabling this feature. You will have to restart the browser for this change to take effect.