Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Security Security Literacy Common Attacks and Defenses Man in the Middle

Posted by njknejknfj
njknejknfj
3,771 Points

Other security concerns with http websites?

Let's say I'm browsing a blog website that doesn't require me to login, store, or input any of my own information, but is not secure with https. Should I still consider avoiding this website? What are the security concerns/risks involved in this situation?

1 Answer

Steven Parker
Steven Parker
229,708 Points
Steven Parker
Steven Parker
229,708 Points

Any site can be used to publish malicious content. It does not matter if it uses secured protocols or passwords for access. Malicious content can potentially be delivered using browser exploits without any action on your part other than connecting. And deliberately downloading something offered on a site (which may often seem attractive like "free software" or videos/music/photos etc.) poses additional risks. The malicious content could possibly do anything from causing advertising to mysteriously appear to hijacking your hard drive and demanding a ransom.

Just be aware that getting information from you isn't the only security concern. It can be just as serious if a website gives something to you that you don't want and/or are not aware of.