Reprinted from the product is slightly Library http://www.pinlue.com/article/2020/04/0611/3510119404305.html
Why https safer than http? Xiao Bian learned of network technology to tell you.
Prevent operators hijacking
If you want to access the .com, not directly to .com, you need a lot of middle forwarding server router.
Suppose you are credible, .com also credible, but it may not be an intermediate node.
such as
This 11 nodes, any of which may falsification your information and the information sent to you.
In fact operators hijack these nodes is some kid for profit distributed to modify your html, embedded in his ads.
If https, you do not know all the nodes in the end in .com and send some what, there is no way to change, because only you and .com keys only.
Therefore, https prevent mischief is an intermediate node. Which in our scenario, it is very good value.
https just encrypted during transmission.
for example:
A write to B, B mailed to finish, but the process in the mail, the postman may secretly taken out and put back after the letter view, taken mailroom uncle may also sneak a look, B received letter, a lot of people may have been seen during transmission. If the letters have some bank card account password or something, someone else might have been quietly taken down during transmission. This is HTTP.
A and B discovered this problem, so they agreed to write the next time you want to encrypt, A letter when encryption, decryption received the letter B, the method of encryption and decryption only A and B know. Also in the process of sending letters, the postman, mail room uncle secretly read the letter, but totally do not understand, does not reveal the contents of the letter, it is safe and more. This is https.
So usually when browsing the web in general, you may not use https, but when the user logs need to enter the password, use https, because the login username and password sure you want to transfer, without encryption might be seen.
With https operators to bid farewell to the hijacking.
What is carrier hijacked?
Operators will in some big traffic sites, plus some small advertising to increase revenue. Sometimes you open Baidu, a pop-up ad in the lower right corner, this ad is not Baidu plus, is the operator added.
Also, as in the example above, the postman not only read your open letter, and adding a small ad in your letter, so that you thought it was A plus. If https encryption, the postman is not the small ads encryption into your letter.
http https security refers to the ratio of the data transfer process, rather than the security server background. https only prevent others directly monitor packet transfer content to get it, for the server sql injection vulnerability or the like, https and not http clever than any place
Simply put, it is this:
http plaintext, is a postcard, you can get others to see the content.
https is locked safes. Others can not get to open the lock (not on the current computer performance, the brute force approach https packets)
