Editing 2634: Red Line Through HTTPS
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 8: | Line 8: | ||
==Explanation== | ==Explanation== | ||
+ | {{incomplete|Created by a RECURSIVE REDLINE - Please change this comment when editing this page. Do NOT delete this tag too soon.}} | ||
− | + | Some web browsers display https with a red line through it (<span style="color:red"><s>https</s></span>) to indicate that there is a problem with the HTTPS connection. The red line is supposed to be a clear warning to the user that the connection is not guaranteed to be secure, and that anything about the site might have been modified. But more importantly, that anything you send back (like passwords) might be observable by anyone. | |
− | + | However, in practice some sites simply are misconfigured or have never been updated to use newer security measures. In these cases the red line through https are nothing to be concerned about, and as stated in the comic probably just means the site hasn't been maintained for a long time. This is especially true for websites that are simple documents that don't ask for any sensitive information from the user. Cueball takes this line of reasoning to the extreme, concluding that webpages with the red line are perhaps more likely to be safe than webpages that are more modern and supposed to be more secure. | |
− | |||
− | |||
− | A comprehensive list of reasons | + | There is a wide variety of reasons why a HTTPS connection might not be secure. A comprehensive list of reasons with examples can be found on badssl.com[https://badssl.com/]. |
− | + | The title text uses two very circumstantial (and not really dependable) details as if they were factors reinforcing the misplaced trust. For the first, you may perhaps think that if someone is still paying domain/hosting fees that they are still confident about their site's content. For the second, the search engines/archives appear to have not lost ''their'' confidence in it for whatever reason. There are problems with both these assumptions, and it does little to restore sanity to the already shaky understanding being exhibited. | |
− | |||
− | |||
− | |||
− | |||
==Transcript== | ==Transcript== | ||
− | :[White Hat | + | {{incomplete transcript|Do NOT delete this tag too soon.}} |
+ | :[White Hat sits at a desk facing his laptop with Cueball standing behind him looking over his shoulder.] | ||
:White Hat: What does the red line through https mean? | :White Hat: What does the red line through https mean? | ||
:Cueball: Oh, just that the site hasn't been updated since 2015 or so. | :Cueball: Oh, just that the site hasn't been updated since 2015 or so. | ||
:Cueball: And since it's been around that long it means it's probably legit. | :Cueball: And since it's been around that long it means it's probably legit. | ||
+ | |||
{{comic discussion}} | {{comic discussion}} | ||
− | + | [[Category:Internet]] | |
+ | [[Category:Comics featuring Cueball]] | ||
[[Category:Comics featuring White Hat]] | [[Category:Comics featuring White Hat]] | ||
− | |||
[[Category:Computer security]] | [[Category:Computer security]] | ||
− |