Whether a website sells salon appointments or stolen credit-card numbers, Matthew Prince wants to protect it. <\/p>\n
Prince, chief executive of CloudFlare, a San Francisco cybersecurity and network company, is allowing customers to encrypt connections to their sites for free. Prince, 39 years old, says the offer could extend encryption to roughly two million websites that use the free version of CloudFlares service. <\/p>\n
Encryption would create hurdles for both fraudsters and governments, security experts said. Hackers would have a more difficult time spoofing legitimate websites. Intelligence agencies could be challenged to figure out what protesters are reading online. <\/p>\n
The move is an important step in making encrypted connections standard, said Morgan Marquis-Boire, a security researcher at the University of Torontos Citizen Lab. People in Vietnam would be able to feel a little safer about reading a blog critical of the government, he added. <\/p>\n
Christopher Soghoian, principal technologist at the American Civil Liberties Union, added, Its huge. <\/p>\n
CloudFlares move is the latest effort by Silicon Valley to harden the Internet against both spies and cybercriminals since former National Security Administration contractor Edward Snowden last year revealed the extent of government surveillance, and tech-company cooperation. In April, Google announced it would give bonus points in its search-ranking algorithm to websites that use encryption. <\/p>\n
Today, fewer than three million of one billion websites use encryption, according to surveys from Netcraft, which monitors Internet traffic. Many media sites including wsj.com dont use encryption for their homepages because it doesnt work with some advertising networks. <\/p>\n
Encryption scrambles data and communication with the page, preventing hackers from stealing credit-card numbers in transit or spying on which pages are accessed. It also lets users know they have reached the website they intended to reach. If a site uses encryption, its web address will start with https instead of http, and a colored padlock will appear next to the address. <\/p>\n
Encryption is primarily used by larger website operators. Small operators use it less frequently because of the cost. <\/p>\n
Prince says he reached deals with the companies that issue encryption certificates to reduce the cost. But he said the offer will hurt CloudFlares bottom line. <\/p>\n
<\/p>\n