Majority of Google’s connections are encrypted. But in order to strengthen security and enhance encryption level Google has introduced HTTP Strict Transport Security (HSTS) encryption. HSTS encryption mechanism prevents users from jumping into harmful HTTP URLs which are typed incorrect. HSTS can transfer the direction to safe direction in internet from insecure URLs. This tells the browser to detach from all unsafe HTTP protocols since it is an IETF protocol. Thus prevents from session hijacking and protocol downgrade attacks. It can also prevent from MIMT and prevent attackers with invalid digital certificates.  Google has turned on HSTS for www.google.com but it will take time for further implementation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s