HTTPS: A good balance of freedom and privacy

by | 27 July 2018

Vivying Cheng (VC) has been upgrading Clarity’s programs to HTTPS. She discusses with Andrew Stokes (AS) on how the move towards greater security is a good thing for both teachers and students — and everyone else.

AS: What is HTTPS?
VC: It’s a little bit technical, but basically anyone browsing a website is constantly sending messages from the browser to the server. In the old system, HTTP (hypertext transfer protocol), all these messages were in plain text. That means anyone taking a look can see what’s happening. The new system, HTTPS (the s stands for secure socket layer), encrypts these messages so they are much more secure and the user’s privacy is protected.

AS: Why is this relevant to teachers?
VC: Well, it’s relevant to teachers, students, and anyone else who is using the Internet. With the old system, a hacker could take all the data passing between a server and a website, and could work out names and passwords — and other information too. For Clarity programs we are primarily concerned with protecting names and passwords as this is the most sensitive data we collect. The new HTTPS system makes it much more difficult for people to access and steal this information.

AS: When did it come in?
VC: HTTPS has been around for a long time. What’s happened recently is that Google has made it much more visible. It’s now very clear in the Chrome URL bar whether a site is secure or not. All the other browsers have been following Google so it’s pretty much imperative for any serious website to be secure now.

AS: Are Clarity programs secure?
VC: The new generation of Clarity programs were designed to be HTTPS compatible. We had to put a lot of work into making the previous generation secure. You have to train the server, the browser and the website to speak to each other — it’s like teaching them all a foreign language. But that job is now done. There are just a couple of very old programs from an even earlier generation that are too old to learn the language, but those are being gradually retired.

AS: Is this a move in the right direction?
VC: There’s GDPR, and there’s HTTPS — people are getting more alert to issues of privacy and security. Originally people didn’t really care, but it’s a good thing that they do now. The Internet is still an open space but it is being policed more. I don’t see this as violating freedom; it just makes everything safer and more secure.

Sieon Lau, Senior Editor, ClarityEnglish

Sieon Lau, Senior Editor, ClarityEnglish