Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

Mad Scientist
20479 posts

Uber Geek
+1 received by user: 2792

Lifetime subscriber

# 210463 28-Mar-2017 15:03
Send private message

Sorry didn't know where to post this.


Is there such thing as https is safe in unsecured wifi transmission?


And do apps use https?

Swype on iOS is detrimental to accurate typing. Apologies in advance.

Create new topic
544 posts

Ultimate Geek
+1 received by user: 35

  # 1749482 28-Mar-2017 15:28
Send private message

I'd say most (good) apps will use https along with certificate pinning, possibly along with an API key for talking back to their servers. Hard to tell if Uber is using https, but they certainly would on the page where they take credit card details  (and presumably store a token for re-billing)




On Android I'm sure you can get some type of sniffer or traffic analyzer to ensure that the traffic from an individual app is going out via https. 


I;m not saying Uber is safe, but it's a reputable company who have probably had many penetration tests.





14898 posts

Uber Geek
+1 received by user: 2795


  # 1749516 28-Mar-2017 15:50
Send private message

https would typically be considered safe over unencrypted wifi. I think it's reasonable to assume Uber secure at least the important parts of their app with https communications.


I wonder about man in the middle type attacks. If someone controls DNS they could point you at any server, but the certificate wouldn't match the URL, so if the Uber app is doing encryption properly it shouldn't establish the connection.


All in all, you'll probably be ok. However, I'd probably use mobile data if you have it, the data volume will be trivially small.


296 posts

Ultimate Geek
+1 received by user: 106

  # 1749707 28-Mar-2017 19:52
Send private message

Is the internet safe on free unsecured wifi? Even for apps using https to keep credentials safe, you will be still leaking private data like location, urls you visits, apps you use,.... The risk doesn't worth the few dollars a VPN costs IMO.

541 posts

Ultimate Geek
+1 received by user: 126


  # 1749754 28-Mar-2017 20:52
Send private message

Applications can do ssl encryption(https) there are built in libraries on both android and iOS and i'm sure windows would be the same although i have no exact experience with windows phone.


HTTPS encrypts everything after the domain name so while anyone snooping in could tell what app or site your visiting by the domain name they will get nothing else.


As to the main question is the app using encryption its hard to tell without using wireshark to see the data. However I would be very surprised if uber would use HTTP when they have a perfectly valid ssl certificate. There is no reason not to encrypt and if they were not doing so someone would have said something publicly by now.

Geoff E

14898 posts

Uber Geek
+1 received by user: 2795


  # 1749777 28-Mar-2017 21:08
Send private message



There is no reason not to encrypt and if they were not doing so someone would have said something publicly by now.



Encryption requires additional computation. It's often offloaded to dedicated hardware if you have significant scale. So there is a reason not to encrypt, but it's not a great reason.

Create new topic

Twitter and LinkedIn »

Follow us to receive Twitter updates when new discussions are posted in our forums:

Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:

Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:

News »

Huawei's scholarship programme showcases international business to Kiwi undergrads
Posted 22-Jul-2019 17:53

Spark Sport launches across a range of new devices
Posted 22-Jul-2019 13:19

Dunedin selects Telensa to deliver smart street lighting for 15,000 LEDs
Posted 18-Jul-2019 10:21

Sprint announces a connected wallet card with built-in IoT support
Posted 18-Jul-2019 08:36

Educational tool developed at Otago makes international launch
Posted 17-Jul-2019 21:57

Symantec introduces cloud access security solution
Posted 17-Jul-2019 21:48

New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35

Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00

Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34

OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28

Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56

Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20

New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09

ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05

New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.