Skip to content
View in the app

A better way to browse. Learn more.

Thailand News and Discussion Forum | ASEANNOW

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

If a website is unsecure, what does that really mean?

Featured Replies

In case it's unclear ... What I mean by "unsecure" is that the website doesn't have that little lock logo at the beginning of the url address bar.

 

So, what are the possible consequences here?

 

Can I get hacked easily just by visiting an unsecure website?

 

I assume that conducting financial transactions on such a website would be a bad idea. 

 

On a side note ...  My understanding is that it costs like a few dollars to make a website "secure" ... So why in the world would anyone at this point undertake to build a website and NOT make it secure?

Hi,

Insecure site can't hack you directly. It only means that the information provided to this site may be easily stolen.

If you just browse it, it is ok.

Some site not secured because it does not bring money and the owner doesn't care.

Edited by plus7

The little lock shows that you're connecting via ssl (https) and the public key provided by the site is "trusted". Now just because both of those things are true doesn't necessarily mean that the site is safe, you could still be setting up a "secure" connection with a bad actor.

 

A site with just http isn't necessarily a major risk. If I set up a site full of cat facts that doesn't collect any information from the user it's not especially risky for the user. Still it's best practice to use ssl for everything these days.

 

A site with https that shows a broken lock means the certificate isn't "trusted". A certificate authority verifies that such-and-such website owns such-and-such public key to prevent attacks. There are half a dozen other reasons for ssl certificate errors too though so the site might still be safe even if the lock shows broken.

You can use it like any other site.

But if it is not secure that means some bad middleman could have manipulated what you see and/or download.

I.e. if you want to download an update for a software then you should do this only from a trusted source like i.e. Microsoft with https.

Sometimes sites are temporarily "unsafe" because some certificate expired. Maybe the page is exactly like a few days earlier but it could be manipulated by some bad guy in between.

 

And just to be clear: If a website uses https that doesn't mean everything on that site is good and trustworthy. It's not.

On 7/14/2022 at 11:32 AM, BananaBandit said:

On a side note ...  My understanding is that it costs like a few dollars to make a website "secure" ... So why in the world would anyone at this point undertake to build a website and NOT make it secure?

Many web servers are in a closet and may not be running a current version of Apache (other SW is available) the majority of servers do not need to be secure and it requires some degree of expertise to install even a free certificate. There are sights decades old still providing useful information so they may never be upgraded.

 

However any website that is being built today will probably be https.

 

I have a website that I may restart it will be http as the hardware will almost certainly not run the current https version & I would not bother to update it to newer hardware nor recode it.

Create an account or sign in to comment

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.