Senator wants more secure Web sites for Wi-Fi use [CNET News]
Sen. Charles Schumer (D-NY) has called on a number of online companies, including Amazon, Twitter, and Yahoo!, to adopt the HTTPS protocol to help curb password and data theft over public Wi-Fi networks. Right now, many users at public Wi-Fi hotspots transmit information, including logins and passwords for popular websites across the airwarves unencrypted.
Sen. Schumer cited the readily-available programs that allow even the most amateur hackers to access private information shared over public Wi-Fi hotspots. Sites that use HTTP protocol do not provide the security of the HTTPS protocol. HTTP is used primarily by sites that do not transmit secure information, while HTTPS uses “secure sockets layer” or SSL to encrypt sensitive information, which makes the data less susceptible to hackers.
For the most part, online retailers and merchants use HTTPS but there is currently no rule requiring them to do so. Many sites, including many that provide webmail do not have a method to allow users to log in on a secure connection. On a public Wi-Fi network, a hacker could intercept their login credentials when the unsuspecting user is signing in to their webmail site. Sen. Schumer would like to see a rule put in place requiring HTTPS, but in the meantime he is simply targeting some of the biggest online companies and requesting they adopt the more secure protocol.
Twitter currently uses HTTP protocol, as does Facebook. However, Facebook allows users to enable HTTPS, but the users must opt-in on their own.
Comments