Encrypted web traffic has gone from a far-off dream from privacy advocates, to something we take for granted and hardly notice. That little green lock or "https" in front of a web address means your internet traffic is encrypted. Privacy and eavesdropping concerns over the years have seen an ever increasing adoption of this security.
For the first time ever, one half of all internet traffic is now encrypted according to the Electronic Frontier Foundation. The EFF has long been one of the strongest advocates for web privacy and encryption, so this new milestone means their goals are much closer to being met.
The recent growth in encryption has been largely spearheaded by the web's biggest players. Facebook, Twitter, Google, and more now implement HTTPS by default. Google now even uses encryption as a parameter when ranking search results.
The EFF believes another major factor in the spread of web encryption is how easy it is for webmasters to implement now. The introduction of Let's Encrypt and Certbot have allowed previously unencrypted websites to get a free security certificate. Certificates handed out by Let's Encrypt, the web's largest Certificate Authority, have more than doubled since last October. Web hosting platforms are also now integrating HTTPS in their web-building tools.
While the adoption of encryption continues to grow with no signs of slowing down, there are still some major flaws. Google estimates that nearly 97% of unencrypted traffic comes from mobile devices. If your device or the website you're visiting doesn't support HTTPS, there was previously nothing you could do. The EFF recommends the HTTPS Everywhere browser extension, a collaboration between them and the Tor Project. The extension forces HTTPS whenever available and also rewrites insecure requests to activate encryption.
Privacy advocates and internet superpowers can only do so much though. It's up to every web developer and hosting company to secure their websites, so this is something that likely won't happen any time soon. The EFF will nevertheless continue to advocate for change with the end goal making their HTTPS Everywhere service redundant.
Editor's note: We are also in the process of moving all of TechSpot to serve via HTTPS. Only this past two quarters most ad servers and third parties have successfully moved to HTTP secure, so with a proven platform we are going for it. Even though TechSpot remains mostly a read-only experience with no critical data being exchanged, we recognize it's the right step moving forward. Expect the seamless move to take place in the coming weeks.