On Nov 15, 2016, at 1:34 PM, Karen Coyle <[log in to unmask]> wrote:
> As for "safe from surveillance" etc., libraries are not miracle workers. Everything we do is in the real world. Given that the NSA captures every byte conveyed from point A to point B, how *could* libraries do anything about that?
For starters, make sure that your website (and anything else you’re putting online) is served over a secure connection (https://, rather than just http://). Yes, encrypted traffic can be captured and encryption be broken, but it’s about making that too expensive to be done routinely, rather than making it impossible.
Using a secure connection is about to become more important for very pragmatic reasons, as starting this January, Google’s Chrome (currently the most popular browser, by a wide margin) is going to begin explicitly warning users about non-HTTPS sites <https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html>.
Edward Almasy <[log in to unmask]>
Director • Internet Scout Research Group
Computer Sciences Dept • U of Wisconsin - Madison
1210 W Dayton St • Madison WI 53706
608-262-6606 (voice) • 608-265-9296 (fax)