Zscaler Research: Why the web has not switched to SSL-only yet?

Zscaler Research: Why the web has not switched to SSL-only yet?.

Great post following up on the Firesheep threat, detailing the reasons why more websites are not using SSL:

  • Server overhead
  • Increased latency
  • Challenge for CDNs
  • Wildcard certificates are not enough
  • Mixed HTTP/HTTPS: the chicken & the egg problem

Zscaler did a follow up blog post, SSL: the sites which don’t want to protect their users, highlighting popular sites which do not use SSL.

Full disclosure – Zscaler is a Cymbel partner.

About Bill Frank

Principal at Cymbel. 25+ years in IT. Specialist in information security since 1999, helping organizations mitigate the risks of modern malware. @riskpundit http://www.linkedin.com/in/riskpundit

Speak Your Mind

*