When the Hypertext Transfer Protocol was introduced nearly 30 years ago, the Internet was a small, cozy club hosting just one website. The nearly three decades of service since – more like three centuries in “technology years” – have shed light on several challenges never thought of in the design process.
Encryption by default is still a long way away
One of the most important shortcomings of the HTTP protocol is the lack of encryption by default. This allows an attacker connected to the same network as you to inspect traffic originating from your device in order to intercept login credentials, authentication cookies or manipulate your traffic. The HTTP Secure extension to the protocol alleviates these issues, but adoption is slow, and almost half of Internet websites still rely on HTTP to exchange information with client devices.
To alleviate some of these side effects, big names in the tech industry have formed alliances to allow cost-free implementation of HTTPS. At the same time, Google has taken drastic steps to mark HTTP-only websites as not secure for all Chrome browser users in a push to force website owners to switch to HTTPS. But unless they use Chrome as their main browser, average end-users will still have a hard time telling when they are about to send passwords or other sensitive content across the web in a manner that can be overheard by everyone.
Security solutions to the rescue
Modern security solutions, such as the freshly released Bitdefender Total Security 2019, implement technologies to help users stay in control of their data and warn them when their data is about to be sent in a potentially risky manner. Dubbed Network Threat Prevention, this technology is specifically designed to help you steer away from online threats, and keep your passwords private.
This new technology can also prevent exploitation of vulnerabilities in your system, and it can detect and block brute-force attacks aimed at guessing your passwords, prevent your device from being compromised in botnet attacks, and prevent sensitive information from being sent over an unencrypted channel.
Websites without HTTPS enabled – usually represented by that little green lock at the beginning of the website’s name – are not necessarily bad or a danger to your privacy, and it’s worth noting that even websites that do have HTTPS can be fraudulent.
For instance, attackers can use HTTPS to add credibility to a phishing website that impersonates a popular bank, financial service or online retailer. Taking advantage of the old days when a green padlock in the browser would guarantee security, integrity and trust, modern hackers make sure to turn HTTPS on by default on phishing sites. This not only that improves credibility, but also allows hackers to download malware via secure, encrypted channels. This is why Bitdefender has an Encrypted Web Scan module designed to prevent users from accessing apparently safe but potentially hijacked or malicious websites.
Modern security solutions include protection against a wide range of threats, from malware, phishing and fraud to inadvertent leaks of private data. Bitdefender Total Security 2019 provides these technologies in one comprehensive package that is easy to install and configure. Awarded the Product of the Year distinction in the AV-Comparatives benchmarks, Bitdefender products provide the best protection against infections, letting you do your thing.