by TweetieBird 11 Replies latest jw friends
Thank you to everyone that replied.
to rhett, you were right, that is only a link to a directory of other sights. I didn't provide the web site as I am technically still a dub and would not want to expose myself at this point. However, I did go to our web site and it is http://xxxxxxxxx.com, not https://xxxxxxx.com
dont worry yourself too much over this, just make sure legal sees it and that your websites Privacy Policy does not make any fallacious claims.
1) https (SSL) is generally only used for the parts of the site requiring submission of sensitive information. the homepage for example, will almost never use SSL.
2) as simon points out, the notion that https is absolutely secure and that http is open to every joe with a computer and a little hacking skill is a total fallacy. there are different levels of SSL encryption, and different methods of verification. and this is only a measure of how secure the transmission of data is. most attacks take place on the server itself, it makes not one whit of difference how securely you transmitted the data to the server. so called man-in-the-middle attacks on standard http submissions, though a security concern, are quite rare.
3) all being said, internet data is generally more secure than the conventional transmission of data in the real world, eg. typing your PIN into a bank machine, giving your credit card to a restaurant server.
personally when it comes to submitting sensitive data, i spend more time looking at the sites professionalism and reputation than at their level of encoding. (though the use of secure http says something about their professionalism just by itself.)
mox
