❝ Apple’s move to encrypt your iPhone and WhatsApp’s rollout of end-to-end encrypted messaging have generated plenty of privacy applause and law enforcement controversy. But more quietly, a small non-profit project has enacted a plan to encrypt the entire global web. And it’s working.
Earlier this week, the San Francisco-based Internet Security Research Group announced that the initiative it calls Let’s Encrypt is coming out of beta — and that it’s making serious headway toward helping tens of millions of unencrypted sites around the world switch from the insecure web standard HTTP to HTTPS, which encrypts your web browsing to protect it from surveillance.
Since launching less than six months ago, Let’s Encrypt has helped 3.8 million websites switch to HTTPS encryption, taking a significant chunk out of the unprotected web data that’s available to those eavesdroppers…
❝ Let’s Encrypt has tried to make it easier for websites to switch from HTTP to HTTPS by flattening one of the biggest hurdles in the process: certificates. Let’s Encrypt functions as a certificate authority, one of the dozen or so organizations like Comodo, Symantec, Godaddy and Globalsign that verify that servers running HTTPS web sites are who they claim to be…Once verified, these authorities issue those computers a “certificate” they need to make their HTTPS encryption work with your browser. The certificate is designed to be an unforgeable signature that’s cryptographically checked by your browser so that you can be sure your communications are decrypted only by the intended site and not an impostor.
Unlike commercial certificate authorities, however, Let’s Encrypt is free, thanks to corporation sponsorship from companies including Cisco, Google and Akamai. It’s available to websites anywhere in the world—even far-flung countries like Cuba and Iran that sometimes aren’t served by other major certificate authorities. And it’s automatically configured with a piece of code that runs on any server that wants to switch on HTTPS.
Guaranteed to piss off the official snoops as well as the erratically-malicious creeps on the civilian side of snooping. This doesn’t give you an invisible shield like some of the serious end-to-end encryption systems; but, it certainly makes eavesdropping a bit harder for Big Brother.