Major Aussie sites flagged as not secure.
Major Aussie sites flagged as not secure.

The major Aussie websites that aren't secure

RENOWNED cyber security expert Troy Hunt has called out some of Australia's most visited websites for not being secure.

Among those that don't encrypt the data travels between users and the website include Australia's Bureau of Meteorology website, AFL.com.au, Whirlpool.com.au and the ABC website.

These websites are among a minority that do not use HTTPS - the secure version of the web's underlying data transfer protocol. The 'S' part of the acronym is the important bit.

It stands for Hyper Text Transfer Protocol Secure and is the protocol over which data is sent between your browser and the website that you are connected to.

The 'S' on the end means that communication between your browser and the website is encrypted before it travels online.

Web browsers such as Internet Explorer, Firefox and Chrome display a padlock icon in the address bar in front of the web address to indicate that an HTTPS connection is in effect.

Alternatively, websites like the ABC and the BOM site rely on HTTP which doesn't scramble the data passing between you and the site.

The information in the address bar warns users the website is not secure.
The information in the address bar warns users the website is not secure.

WHY ARE THESE WARNINGS COMING NOW?

Nothing about the way these websites work has changed but from today Google's new Chrome web browser is listing all unencrypted sites as explicitly "not secure" in front of the web address. The change is part of the tech giant's release of Chrome 68.

Google first began warning people about sites that use HTTP in early 2017 by displaying the "not secure" warning for sites that collected passwords and credit card information. The company has also subtlety favoured HTTPS-enabled sites in its search results since 2014.

Despite the push for greater encryption on the web, Mr Hunt and his colleague wanted to compile a list of major websites that still didn't use HTTPS.

"After all the advanced warnings combined with all we know to be bad about serving even static sites over HTTP, what sort of sites are left that are neglecting such a fundamental security and privacy basic?" he wrote in his latest blog post.

The most visited Australian sites that remain unsecured as identified by Troy Hunt.
The most visited Australian sites that remain unsecured as identified by Troy Hunt.

Many other, less visited sites, including the Government's Australian Bureau of Statistics website also rely on HTTP.

About 20 per cent of the world's 500 most popular websites are still using the non-secure protocol.

If you're not entering any password or sharing personal data on these websites, then you don't really need to worry too much as the risk that your security could be compromised is fairly minuscule.

But because the data carried between your device and the web server can be accessed by someone else on the network, theoretically cyber-criminals can work to intercept that information and devise ways to steal useful data or insert their own code or malicious adverts.


Dentist sweetens smiles with tooth tech

Dentist sweetens smiles with tooth tech

Dr Shiv Pillay has made the patient experience at Serenity Dental smoother by...

“It was an extraordinary event”: Locals faced the fires

“It was an extraordinary event”: Locals faced the fires

Central Highlands emergency service responders forfeited their day-to-day routines...

Student’s safety tips won her a statewide video competition

Student’s safety tips won her a statewide video competition

A Central Highlands student won an Ergon Energy video competition out of more than...