How can I secure my computer against attacks when visiting unsecured http sites?

Andrew Yeh June 22, 2010

I know to protect against man-in-the-middle attacks, you’re supposed to use https, but there are some sites that just don’t work with it. Is there some way to secure sites with http?

  1. Test
    June 23, 2010 at 9:07 pm

    Anti-virus and firewalls and noscript implies that the problem are local: that if you block viruses and other malicious programs from coming in, http is secure. Is that true?

    • Jack Cola
      June 24, 2010 at 5:26 am

      Well doing that will help prevent you from getting a virus or spyware. And if those programs listen in to what you are saying (or transferring across the internet) then yes, it will be more securer - but you still won't get full protection.

      If a hacker is specifically targeting you, then all you can do is protect yourself, but the odds are for someone to listen in to just you is very low unless your computer is compromised by a virus already and it just logs your actions for something interesting.

  2. Aibek
    June 23, 2010 at 5:51 pm


    There are many waus to secure yourself. First of all if you have an up to date <a antivirus, operating system and firewall you should be fine.

    - The 10 Best Free Anti-Virus Programs
    - The Three Best Free Firewalls for Windows

    Firefox users may also install a NoScipt addon that blocks all on-page scripts. See, 10+ Best Firefox Security and Privacy Addons.

  3. Test
    June 23, 2010 at 4:15 pm

    Jack Cola,

    Sorry if I'm asking a bad question: I don't understand how the internet works. But I thought my question was different from the last one. The past question asked if it was possible to surf everywhere with https. I know it isn't possible. However, does this mean there's no local answer? So a secured, wired connection and a secure DNS doesn't secure you against man-in-the-middle attacks? That was my question: is there a way to secure my computer against these attacks?

    Sorry if this was a bad question.


    • Jack Cola
      June 24, 2010 at 5:07 am

      The internet is basically a collection of computers that are all connected to each other. When you visit a website, your computer (the client) connects to the server, the web server then sends the information back to you and your web browser displays it.

      There are numinous protocols that can be used such as HTTP, HTTPS, FTP to name the most common ones.

      A DNS converts a domain name such as to an IP address. Computers all talk to each other using IP address - each computer has one and we are running out, thus for IPv6 (we're currently using IPv4). Domain names are only used because it's easier for us to remember words then numbers.

      Read 0ron answer for a great example between HTTP and HTTPS and hopefully you will understand it a bit better. //

      If it's encrypted (HTTPS), people can only decrypt what you say.

      But if you are worried about attacks, get a good antivirus program and firewall. I don't have AV installed on my computer, and never had a virus (touch wood)

      But if someone does get your password, it's as simple as changing it. I am not to fussed on using http and https. If https is available, I would use it over http. I am more worried about logging on to a site on another computer apart from my own such as work, uni, school, friends, library, internet cafe as who knows, they may have viruses or keyloggers installed.

      You may find this interesting as well

  4. Jack Cola
    June 23, 2010 at 10:25 am

    This is like the third question about this and I am not sure why.

    If you read my answers in that post Tina mentioned, you will get a better understanding. If HTTPS isn't provided by the site your visiting, you can only use HTTP. Read my comments for more of an understanding.

  5. Test
    June 23, 2010 at 2:10 am


    thx for the answer. However, if you have to use http (as noted in the answer to one of the questions, https must be provided), is there any way to secure them? Use a VOP? Use a proxy?


  6. Tina
    June 23, 2010 at 12:54 am


    we recently had a similar question: How I can surf the internet always using a secure SSL connection?

    You could try HTTPS Everywhere.

Ads by Google