Does making http:// site into https:// protect against NSA surveillance?
Hi, I have a small, not-frequently-visited personal Web site which is basically just my online portfolio and resume. I've been reading the articles on resetthenet.org regarding using SSL certificates for one's sites in order to make it harder for the NSA to spy on me and my (infrequent) visitors. Specifically, on http://resetthenet.tumblr.com/post/8...https-hsts-pfs, it says: "HTTPS, HSTS, and PFS are powerful tools that make mass spying much more difficult."
I don't know whether to believe this or not. Having spent my career strictly as a front-end developer (or as we used to call us when I started in 1996, Web designers), I have only the most rudimentary knowledge of Web security. I know one puts a SSL layer on a shopping cart or log in section of a site, but it was always the server administrator who did that. Would $70 (GoDaddy's basic rate) worth of SSL keep my site free of NSA surveillance?
So I guess I won't bother with SSL for my site
Thank you for your clear explanation, and thanks to you and everyone for their responses. The replies mostly confirm my gut feeling that using SSL on my site would make no difference; as scout1idf said, if it did make a difference, it would probably be illegal. I just want so badly to do something about surveillance, but I guess we're all just living in a fishbowl these days.
Originally Posted by markbrown4