Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. For example, the official U.S. Census Bureau website https://my2020census.gov carries a message that reads, "An official Web site of the United States government. Here's how you know." Clicking the last part of that statement brings up a panel with the following information: A message displayed at the top of many U.S. .gov Web sites. The text I have a beef with is the bit on the right, beneath the "This site is secure" statement. Specifically, it says, "The https:// ensures that you are connecting to the official website…." Here's the deal: The https:// part of an address (also called “Secure Sockets Layer” or SSL) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and cannot be read by third parties. However, the presence of "https://" or a padlock in the browser address bar does not mean the site is legitimate, nor is it any proof the site has been security-hardened against intrusion from hackers. In other words, while readers should never transmit sensitive information to a site that does not use https://, the presence of this security…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-03-25 15:30:002020-03-25 15:30:00US Government Sites Give Bad Security Advice
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com