As the encryption debate rages on, going beyond the Apple case to our daily lives, “now” seemed as good a time as any to set-up site-wide SSL protection on TV Calling.
For folks that don’t yet know, SSL is “a standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.”
I’m a firm believe that HTTPS should (and will) become the default on the Web in the near future.
In fact, many people and organizations, from the Electronic Frontier Foundation to Let’s Encrypt, have been pushing all websites to offer front-end HTTPS and SSL protection for all their pages.
Does privacy really matter? Well, the Pew Research Center showed last year that 93% of US adults said that being in control of who gets their information is important.
In addition to the obvious privacy benefits, bringing SSL to the masses also minimizes the risk of man-in-the-middle hijacking attempts (e.g. attacks inserting malware into diverted Internet traffic). Such attacks were already hijacking enormous chunks of online traffic by 2013 standards.
Oh, and let’s not forget the many security concerns raised since the Snowden revelations.
(Speaking of, Edward Snowden had yesterday a very interesting Twitter conversation with The Wire‘s David Simon about surveillance.)
We’re still far off from 100% coverage across all websites, since at the end of 2015 “only ~40% of websites and ~65% of transactions were protected through HTTPS.”
On the bright side, Let’s Encrypt celebrated their millionth SSL certificate earlier this month. That’s an additional 2.4 million domains secured over the past 16 months.
But back to TV Calling.
The main purpose of having SSL here is really to provide a basic level of security and encryption, protecting any TV Calling user data that may be sent over (in contact form or otherwise).
Another (more relevant) reason for bringing site-wide SSL encryption is that TV Calling may (read: will) be having some TV writing-related sales going on in the near future…
You can tell this is the real SSL deal because:
1) There’s that small (often green) lock icon in your browser’s address bar confirming a site has a valid SSL certificate (directing you through https instead of the open http);
2) Now I can put some fancy SSL seals all over my site, such as:
If you’re having any technical issues whatsoever (dead links, weird redirects), please let me know!