Hi, Leo, when I logged on to eBay itâs using https. But when I then move off the sign-in page, itâs evidently no longer https; itâs plain old http. If weâre traveling and we use Wi-Fi, will our eBay activities be secure?
Your instincts are right. An http page does not provide a secured connection. This is a very important thing to realize about the difference between http and https. The fact that eBay uses https for the login means that yes; your login at least is protected. That means someone in an open Wi-Fi hotspot, or with some other kind of network access, canât easily sniff the traffic and determine your eBay login credentials. Thatâs a good thing.
However the fact that after you log in it switches back to http means that the rest of your activity is not protected by encryption.
Become a Patron of Ask Leo! and go ad-free!
Unencrypted connections
An unencrypted connection that in an open Wi-Fi hotspot, for example, that suspicious character in the corner could be watching what youâre viewing on eBay, what youâre bidding on, and basically your entire activity on the non-https portions of that site.
While itâs not the end of the world, itâs not necessarily a good thing. And of course for sites other than eBay it could be a very, very bad thing, or it could be a complete non-issue.
Many sites are moving to using https for everything, or are already there. Email sites, for example, needed to do this early on since email can often contain very sensitive content. Other sites simply donât offer https as a connection mechanism.
So, if you canât use https, and youâre in a potentially insecure location like an open Wi-Fi hotspot or a wired connection at a hotel or a library, what do you do?
The easy solution is to use a VPN service. VPN stands for Virtual Private Network. A VPN will set up an encrypted connection between your computer and itself. All of your internet traffic then travels over that connection â encrypted. Http or https, it doesnât matter â itâs all encrypted and nobody in that cafe, library, or hotel will be able to see, sniff or understand exactly what it is youâre doing.
[[An unencrypted connection that in an open Wi-Fi hotspot, for example, that suspicious character in the corner]]
Right out of the movie âThe Netâ and its Gatekeeper bogus security software.
http://en.wikipedia.org/wiki/The_Net_(1995_film)
Personally, we use a VPN service when we are on open wi-fi networks. There
are modes for handheld (tablets and phones) as well as laptops and netbooks.
Does anyone have a VPN which does NOT slow to a crawl at a Wi-Fi cafĂ©? Or one you can recommend which you consider highly rated? Iâve read the reviews on many, and it seems the VPNâs, unless corporate, leave much to be desired. Safety at a price, I guess.
I have no direct experience with any, Iâm afraid. (Having my own servers I roll my own solution.) I would expect the reviews to be the best source of hands-on experience.