Fact or Fiction: Secure Sites are Always Safe
We recently had someone who read an article from another computer tips & tricks site write to us concerned because this other publication said never to use any sites that are not secure (https://). This particular publication has made a lot of money and has garnered a lot of subscribers by fear mongering and playing it free and easy with the truth. So, we’re going to tell you truth and help you sort things out.
Fact or Fiction: A Site That Does Not Use a Secure Server is Always Unsafe
Fiction!
In the article that scared one of our readers into writing to us, it inferred that any site that is not secure is not safe. That is false.
Unless a site asks for personal info (beyond your email address and name) there’s no danger to you. In order to acquire more readers or make more money, it’s not uncommon for technical writers to mislead you. In this case, the author unabashedly tells you that any site that is not running on a secure server is not safe. And sure, we know, sites running on a secure server and displaying the https:// in the browser’s address bar sounds wonderful and all kinds of safe. But as always, the truth is far more complex. That fact is that security certificates are available from many places and many are very cheap – even free. And they are also easy to get.
So, here’s the truth: If you’re going to a site to just read a news article, tips/tricks, play a game, subscribe to a newsletter, or just view the content on a site, the site does not need to be secure.
Some sites like ours, do not run on a secure server, but we do offer items for sale. In every case, where we are offering a product or service for sale, the transaction always takes place on a secure server.
Fact or Fiction: A Secure Site is Always Safe
Fiction!
The second fallacy in the article, is that all sites that are secure are safe. That is not only not true, it’s dangerous.
For instance, one of the biggest scams on the Web right now “ScanGuard” runs on a secure server. If we were to believe the misinformed author of that article, you could feel confident that all was well with ScanGuard. To believe that would be serious mistake.
Many malware & PUP distributors run on secure servers and this has always been the case. Some of the biggest malware distributors that ever lived on the web, SmileyCentral.com, and Hotbar.com (now both defunct), ran on secure servers, but they were anything but safe.
We strongly disagree with anyone or any company who publishes articles that are written to scare readers in order to gain more subscribers – or to make more money. It’s sad when the truth gets buried under a huge pile of fear.
The intent of these sensationalistic writers is not to help people navigate the often confusing world of cyberspace, but to corral more readers and turn that additional traffic into more money. They write articles to scare people and hope they “go viral”, thus turning their articles into click bait exposing more and more users to misinformation and outright dangerous false information.
So here’s the truth:
Secure sites don’t mean the site is safe. And sites that don’t run on secure servers are not necessarily unsafe. What you need to know is this:
If you’re going to be entering any highly sensitive personal information such as your street address, city, state, credit card numbers, bank account numbers, Social Security Number, driver’s license numbers, etc., always make sure the site is running on a secure server. You can tell if it is secure by looking at the browser’s address bar and checking to make sure you see https:// (see this article for more information). If you don’t see https://, don’t enter any highly sensitive personal information.
Also, keep in mind some sites displaying https:// are not totally secure. Ironically, the site which published the article intended to scare people into believing all sites that were not running on secure servers are dangerous was not fully a secure site.
If you’re going to a site to play games or read articles or leave comments, or even if you’re registering for a free account that requires only a name and an email address (not personal information), then it does not matter if the site is https:// (secure) or not.
There are plenty of sites running on secure servers that are questionable; there are many sites running on non-secure servers that are useful and safe.
There is no one-rule-fits-all.
Be smart. Learn all you can about the sea upon which you sail – the Internet. The more you know, the safer you’ll be. Be careful of sites that publish articles intended to scare you – instead look for sites that publish articles intended to teach you without scaring you. And when you learn something new that’s useful, share your knowledge with your family and friends.
We hope we’ve given you some perspective and helped you understand secure servers and their place on the Internet.