SSL Is Pure BS

by Quinton Figueroa on October 25th, 2010

For the non-tech people SSL stands for Secure Sockets Layer and basically is that lock that shows up when you're paying for stuff online. It turns your http into https - yes that s stands for SECURE. The whole thing is stupid and just a money making scam IMHO.

SSL doesn't protect anything. It doesn't do anything. Anybody can get an SSL. You can still get ripped off just as easily from somebody with an SSL than without. A scammer has infinite ways to scam you online and an SSL isn't going to slow anybody down for a second.

From a technical standpoint SSL "encrypts" your data and verifies that the server you are connecting to is "authentic". I mean grow up. This is the Internet. Encryption doesn't mean anything. You can encrypt your data to a scammer. You can encrypt your data and something can go wrong on the application layer and totally compromise your data. I can collect your "encrypted" and "secure" payment and choose to just keep the money. The whole thing is just a bunch of useless jargon and people should stop caring about it.

But wait! You need to protect sensitive data like credit cards!!! OMFG credit cards! You hear all these freaking drone developers spouting about how important it is to follow the safety standards to make sure that you don't possibly ever leak credit card data. Because after all, more credit cards are stolen over the Internet due to lack of encryption integrity vs the standard phish. Oh wait, that's right, cards are never stolen due to lack of SSL or any of that BS. Cards are taken through a number of creative means that are hardly ever discussed because real scammers are 100 steps ahead of the sheep. A lack of SSL is the last way to get your credit card stolen.

I mean seriously, listen to some of these tool developers talk about SSL (http://www.smallbusinessbrief.com/forum/showthread.php?t=25203):

There are no cons. Actually, if you are launching a store for a client you may have put them in a precarious situation by not using SSL. Your client may believe their customer's transactions are secure when they are not.

Pros:

1. You gain an advantage over your competitors by showing that your business is trusted and legitimate.

2. You provide proof to your customers that their personal information cannot be stolen or tampered with.

3. You ensure that the transactions on your site are secure. By using SSL your customer's data is transmitted in a secure fashion using the strongest encryption.

Even people that are not internet "savvy" know to look for either https: in a url or for the golden lock symbol in the bottom of a browser before making a purchase.

Kim nails it. Really, if you're selling anything or are collecting private information of ANY kind encryption is a necessity, not a luxury. This will only become more true as time goes on and hackers get more and more savvy.

I'm surprised you could launch without it -- most (if now all?) banks and credit card processors will require it, assuming you are taking credit cards?

Yes I totally agree if you are taking creadit cards online you should use ssl.

Even if you dont take payments direct from your site, i would advise getting a SSL anyway to help protect login hence security the members data.

and on and on... Now I know why nobody makes money anymore, they're all too busy wasting their time on useless crap. Hey guys, there's this other cool scam called the income tax - you may be into that one also, kinda cool how it works.

Moreover, users don't even have a clue about SSL until that stupid popup or lock actually shows up. Until then they're just going through step by step. They only stop to think about SSL once they actually get a popup saying "You are now going to a secure page. You wouldn't have ever known that or cared if it wasn't for me the popup/lock."

I run sites without SSL all the time and have never once had a user contact me and say, "OMFG! GET SOME SSL ON YOUR SITE BEFORE I ENTER IMPORTANT INFORMATION. I DON'T WANT MY INFO COMPROMISED." Nobody cares, they still buy, and life goes on. So next time you're considering whether or not you should get an SSL certificate just get some sales first. If you can get a few sales to justify wasting your money fine, but if you're just starting out and don't want to deal with the BS of a worthless certificate then don't. I know I don't.

 Filed under: Internet / Tech, SSL, Security

About The Author

Quinton Figueroa

Quinton Figueroa

Facebook @slayerment YouTube

El Paso, Texas

I am an entrepreneur at heart. Throughout my whole life I have enjoyed building real businesses by solving real problems. Business is life itself. My goal with businesses is to help move the human ...

More

6 Comments

Concerned: Good post

You are correct, and thanks for the informative post.

Concerned: Good post

Security is a major problem for sure, and nothing guarantees your website or computer to be secure. However, for basic Internet usage and networking I like Linux as it tends to be the most secure OS available, with Apple in close second. There aren't many viruses created for Linux or Apple, and as along as you stay out of root or su while connected to the Internet you are safe from hackers. I have not had any viruses or attacks of any sort since I switched to Linux, and on top of that I like it far better than Windows 7 and other Windows OS. This probably wouldn't help a website but it can surely make personal Internet usage a safer environment.

Quinton Figueroa: Hah, that's awesome you use

Hah, that's awesome you use Linux as your main OS. You may be a bigger geek than me. I've tried to switch to Ubuntu but I just can't work as productive as I do on Windows 7. Also, it has issues with a few programs like Photoshop and such. I may have to try the switch again in a year or so. I really want to use Linux as my main OS.

I definitely use Linux on all my servers though, it's the best!

Concerned: Linux

I just switched a few months ago. I did a dual boot with Ubuntu and Windows 7. Rarely do I switch to Windows, and Linux mounts to Windows so all of my files are available in both to view and edit. Most of my friends like Windows Office package better than Linux Open Office but I haven't minded using it. As for Photoshop give Gimp a try. I downloaded it for all my picture editing and have been completely satisfied, but I am not a photographer so I just need the basic stuff, however, it has a ton of tools to use. Everything I have needed so far has been easy to acquire for free in the Ubuntu Software Center. Its just like downloading an app from the market on a droid or iPhone.

If you are worried about whether or not you will like Ubuntu remember you can always remove it, or you could just use Wubi to install it on the same partition as Windows. In this method it will act like a dual boot when you power up and select an OS to run, however it will be on the same partition.

For me its the terminal window and faster boot up and shut down that I like. At work I have to use Linux and Unix so I am more comfortable with the man commands.

Quinton Figueroa: Yes, I have also tried the

Yes, I have also tried the dual boot with Ubuntu and I absolutely loved it, but I just can't use it for business stuff yet. I gave Gimp a try and it couldn't replace Photoshop for me. There are just too many things I use in PS that Gimp doesn't handle the same like Layer Styles. There really are only a few things keeping me from making a full switch so maybe in another year or 2 I'll be there. Although I really am happy with Windows 7.

Mikey: So what would be your

So what would be your alternative to SSL?
Thanks

Add new comment