Your connection is not private

[otuatail]

Hi i am getting this message from difrent websites and diffrent browsers. i am still a Windows 7 user and happy with it. I have heard it is something to do with TSL what ever that is. Are these websites behind the times with securety or something.

 

[Bree]

You get the message 'your connection is not private' when you connect to a site that has an HTTP address rather than an HTTPS one ('S' stands for Secure).

TLS is 'Transport Layer Security' without which anything you send to the site (such as passwords) would be sent across the internet as plain text. TLS ensures it is encrypted and cannot easily be intercepted.

Transport Layer Security - Wikipedia

 

[RolandJS]

Bree, I get that message a lot when trying to use my device on a school's wifi -- until I get properly login into that school's wifi. I guess there are a few reasons for that crazy message.

 

[Alejandro85]

There could be a variety of reasons for that. In short it's that the browser cannot ensure the safety of the connection for some reason or other. You should first look at the error message it shows for a more precise explanation of the underlying reason.

Among possible causes can be:
- There can be that the sites are effectively have configuration problem.
- They can also be that these are being hacked and are trying to trick you.
- You may be using an old enough browser (or lacking Windows Updates) to not to have security certificates installed, or it's using old protocols because of the browser.
- Your connection may be legitimaly insecure and someone is trying to intercept your data.
- The date on your computer may be wrong.

Without more details it's impossible to know for sure. The only safe action without looking for details is to immediately close the tab and leave the site.

 

[file3456]

It's TLS (Transport Layer Security)

If you see that then then the site is not a HTTPS (Secure) connection.

Don't let the name "secure" confuse you. It's just an encrypted connection, for what ever that's worth... A hacker can ARP cache poison, etc. That's why HSTS (HTTP Strict Transport Security) exists. LOL

 

[Alejandro85]

Don't let the name "secure" confuse you. It's just an encrypted connection, for what ever that's worth... A hacker can ARP cache poison, etc. That's why HSTS (HTTP Strict Transport Security) exists. LOL

No, it's not "just an encrypted connection". It's that and also server authentication, HTTPS ensures that the server you're talking to is really who you think it is. Any attemp to impersonate the server will be detected as a browser warning (which the user should not ignore........).

HSTS only adds that further conenctions will always use the secure version of the site. It's easy enough if you explicitly use https in the url, or have a browser plugin that forces secure connections to avoid such attacks, and they can be detected if they happen by looking at the plain http address too.

 

[file3456]

Preaching to the chore, buddy. I own four websites and know all about it.

 

[RolandJS]

Preaching to the chore, buddy. I own four websites and know all about it.

I want to bookmark your websites Anything coming from you is information worth having.