The importance of encryption

The following topic are discussed on this page:

  • Anonymity on the web
  • What is an encrypted connection and how is it different from an unencrypted one?
  • Security over wireless networks
  • Certificates

Anonymity on the web

When you visit a web page, the webmaster may collect different data about your visit (such as your IP address and the version of your operating system, your monitor’s resolution, etc), so surfing the web leaves traces.

Most of the data left from surfing is harmless in practice, but sometimes it can be dangerous to leave traces. For political dissenters, for example, the consequences can be very dire in some countries. If necessary, it is possible to surf the web anonymously by using special services (read more about this subject).

Encrypting data transfer

When using web browsers, the data  is usually transferred over the web in unencrypted form. Data is also sent unencrypted in open wireless networks (such as many open networks in public libraries and coffee shops). In principle, anyone who knows how to can capture and read this kind of traffic in a clear form. Encrypted traffic, on the other hand, is practically impossible to sniff by a malicious person.

Not all data that is transferred over the web needs to be encrypted, but if you want to transfer sensitive information (like logging on to an online service with your password), it is absolutely necessary to encrypt it. Web browsers usually establish an encrypted connection automatically for online services where encryption of data is possible. However, not all web sites offer this option, so you need to be careful. Do not give your password to services that transfer passwords and other sensitive information in unencrypted form!

How to tell the difference between encrypted and unencrypted connections

When using e.g. online banks, webmail services etc you should make sure that any sensitive information is transferred in encrypted form over the web. This means that you need to know how to tell the difference between encrypted and unencrypted transfers. There are many ways to encrypt data transfers. The most commonly used ways are SSL and HTTPS.

Online banks and browser mail applications use an encrypted HTTPS connection. Usually you do not have to do anything by yourself: when you enter an encrypted connection with your web browser, the following things take place:

  • The first part of the web site’s address will change to https:// indicating the change in protocol,
  • The browser status bar (usually next to the address bar) shows a locked lock symbol.

See images below for the lock symbol and address field:

You can identify a normal connection by the normal http:// prefix in the address field.

The encryption methods are slightly different with e.g. e-mail and terminal connections than with a browser. To use an encrypted connection with your e-mail program on a computer or mobile device, you need to set your program settings to encrypt the connection.

The data security of wireless networks

Many public and nearly all wireless home networks use some kind of anti-phishing protection. The most recommended one of these is the password protected connection with WPA2 technology – breaking it is extremely hard.

Many public places (schools, public traffic and coffee shops) offer a public, open wireless network (WLAN). The UH guest network HUPnet is also such a network. It is important for you to know that the data in these kinds of networks is transferred in a completely unencrypted form, and a person who knows what he is doing can easily eavesdrop traffic within.

Eduroam is an encrypted and secure wireless network widely available at the university, making it a recommendable choice.

It is quite easy to prevent eavesdropping. If you have a wireless network at home, make sure that you have protected it according to the service provider’s instructions.

When you are using open wireless networks, secure https browser connections offer a relatively good protection against intrusion attempts, but the best security can be attained by using a secured VPN connection when using a public network. The HY-VPN service provided by the University of Helsinki suits well for this purpose.

Mobile internet networks use data connections that are already secured, which means the aforementioned does not apply to them.