A small non-profit organization has started to encrypt the whole World Wide Web, and its plan might just be working. This comes after Apple and WhatsApp rolled out end-to-end encryption on its platforms, leading to privacy applause and law enforcement controversy.
The organization, San Francisco-based Internet Security Research Group, ISRG, announced a new initiative which they call Let’s Encrypt, which is in beta stage at the moment. The initiative has been making serious efforts around the world to switch servers from the insecure HTTP to the modern and secure HTTPS, which helps with encryption of web browsing thereby decreasing surveillance levels. A regular HTTP connection is easily imperceptible, and the information can be read by anyone.
Let’s Encrypt has managed to help around 3.8 million websites switch to the HTTPS encryption system, since launching less than six months ago. This is a magnificent feat considering the amount of time, and the firm has helped in removing unprotected web data that might be intercepted by eavesdroppers.
Founder of the ISRG, Josh Aas, who officially works for Mozilla, but is head of the Let’s Encrypt program said, “Frankly it’s irresponsible how much of our information goes flying around the web in the clear. Anyone can just pull it down and read it. That’s not what people should expect from such an important network today. We want to feel that when we’re using [the web] we have privacy…Our goal is to get to one hundred percent encryption.”
Let’s encrypt has tried to flatten certificates in its bid to change sites to HTTPS. It works as a certificate authority just as Comodo, Symantec, Godaddy, Globalsign work like. These companies verify if servers which run the HTTPS websites are who they claim to be. Once verified, a certificate is issued which makes HTTPS makes with user’s browsers.
Let’s Encrypt is unique in that its certificate authorities are free, mainly thanks to corporate sponsorship from Google, Akamai, and Cisco. The service is available to every country in the world even Cuba and Iran. Ross Schulman, co-director of the cybersecurity initiative at the New America Foundation said, “This is the silver bullet that lowers the barrier to encrypted web communications. It brings the cost of executing a secure website down to zero.
According to Aas, the 1.8 million certificates Let’s Encrypt has issued to the 3.8 million websites make it the third largest certificate authority in the world only behind Comodo and Symantec. The figures are significant because of the 3.8 million sites; around 85 percent did not have HTTPS before. Mozilla data showed that encrypted sites were accountable for more than 42 percent page visits compared to the 38.5 percent before Let’s Encrypt launched. Aas says that’s a growth rate of close to one percent a month. He said, “A lot of us have our eyes on that 50 percent mark.”