tag:ask-leo.com,2008://5/tag:ask-leo.com,2005://5.9153- 2008-07-28T15:30:46Z Comments for Is an https connection really all that safe? Movable Type 3.2 tag:ask-leo.com,2005://5.9153-comment:41595 Comment from Leo on 2008-06-15 Leo -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bob's example goes to "http" so of course it would NOT be
encrypted.

That same example, to a server that supports "https" would
be encrypted.

What matters is that the URL of the page getting the
parameters, be it via a POST or a GET be an https URL.

Leo


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFIVUnKCMEe9B/8oqERAtd7AJ4xwKv/XGJLCt7cZVw5BsTgybqhmACfSgYT
7LBS5HM9loiRsrnjTZwerhY=
=swIp
-----END PGP SIGNATURE-----

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2008.

 2008-06-15T17:56:56Z tag:ask-leo.com,2005://5.9153-comment:41547 Comment from asdfasdfas on 2008-06-13 asdfasdfas Why don't you answer Bob's question?! I need to know! Are GET requests also encrypted?

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2008.

 2008-06-13T21:10:00Z tag:ask-leo.com,2005://5.9153-comment:40093 Comment from Roland Gonzales on 2008-04-26 Roland Gonzales http://unspecified I have a additional question. I understand that SSL is used to encrypt data as it is sent on a wire. But if I'm using a non-encrypted wireless access point, am I venerable to have my data sniffed between my laptop and my WAP? I understand without wireless encryption the data is sent through the airwaves in plain text.

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2008.

 2008-04-26T19:07:11Z tag:ask-leo.com,2005://5.9153-comment:33751 Comment from Daniel jenkins on 2007-09-12 Daniel jenkins thanks Leo my life just got easier can you recomend a survey web sit that pays.???? and when they say spam free is it really spam free???

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2007.

 2007-09-12T15:53:30Z tag:ask-leo.com,2005://5.9153-comment:20337 Comment from Leo on 2006-06-21 Leo If the sniffer is actually running on the machine with the browser, then all bets are off. It's effectively spyware and can see everything.

However a "sniffer" is typically a different computer "sniffing" the network, and https is the way to be safe.

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2006.

 2006-06-22T05:05:00Z tag:ask-leo.com,2005://5.9153-comment:20322 Comment from santosh on 2006-06-21 santosh http://unspecified when a sniffer is active on the machine where the browser is launched (to visit a site say a bank site), & if the https is being used, the sniffer will not be able to catch the data supplied from the browser -correct?

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2006.

 2006-06-21T19:57:13Z tag:ask-leo.com,2005://5.9153-comment:13484 Comment from Bob on 2005-12-08 Bob Hey Leo, good read - thanks for your time. One question though - is the URL for a https site passed in cleartext over the internet, for example would this be bad? http://www.somedomain.com/login.asp?username=bob&password=apples

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2005.

 2005-12-08T09:33:06Z tag:ask-leo.com,2005://5.9153-comment:11237 Comment from Leo on 2005-09-09 Leo Because those passwords are never sent. Using something called public key cryptography, the sender can encrypt something with the public key that can only be decrypted by the private key. The private key is never shared, and is part of what the certification process validates. Obviously it's more complicated than that, but that's the basic idea.

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2005.

 2005-09-09T21:34:14Z tag:ask-leo.com,2005://5.9153-comment:11236 Comment from Ronny on 2005-09-09 Ronny http://unspecified >Encryption is important because only you and the remote site can
>understand the data. Anyone in between ... say someone who's
>monitoring the information going to and from your computer ... sees only
>gibberish. It's an important way to keep your private data out of the
>hands of hackers and thieves.

If someone was monitoring my computer, how could https tell my computer what password to use to encrypt and decrypt the data without the person monitoring also getting the password?

]]>

A comment on: Is an https connection really all that safe?

Tech Questions? Get Answers! - Ask Leo! ... by Leo Notenboom
Leo's Answers Newsletter - Ask Leo! in your inbox every week.

All content Copyright © 2005.

 2005-09-09T21:05:40Z