The Electronic Frontier Foundation has published an infographic list showing the Web service providers that encrypt or don’t encrypt their users data as it traverses the Internet.
The list derives from the foundation’s Who Has Your Back Program, which surveys Web service providers to find out if they are implementing the foundation’s best practices for encryption.
The recommendations call for Web service providers to protect users’ data by: 1) Encrypting their websites with Hypertext Transfer Protocol Secure (HTTPS) by default; 2) Flagging all authentication cookies as secure; 3) Enabling HTTP Strict Transport Security (HSTS); 4) Implementing STARTTLS for email transfer; and 5) Using forward secrecy for their encryption keys.
Of the Web service providers surveyed, only four – Google, Dropbox, SpiderOak and Sonic.net, received a passing mark in all five points. This infographic shows how they all fared. You may read the original posting here.