What is HTTPS and how can it help protect you? For example in privacy or security what does it do?

public key cryptography
> Alice generates key pair of _secret key_ and _public key_
> encrypt(message, pubkey) => ciphertext
> decrypt(ciphertex, seckey) => message
> sign(message, seckey) => signature
> verify(signature, message, seckey) => ok?
Alice want's to run a website, she packs the public key with some additional data (like website domain) into _certificate_ and asks some _Certificate Authority_ (CA) to sign her public key.

Bob has many certificates of CAs saved by default on his computer. He tries to connect to Alice's website, this starts _TLS handshake_:
pubkey verification
> Bob receives certificate with Alice's pubkey, website domain and list of signatures by CA
> Bob can't be sure it really is Alice's pubkey, but he can verify the CA signatures
> if all checks, he can be sure it's really Alices pubkey
exchange of session keys:
> Both create their session keypair,
> Bob encrypts his session pubkey with Alice's longterm pubkey
> Alice encrypt her session pubkey with Bob's session pubkey
> Both now have session pubkey of the other
The session keys are necessary for repetition attacks - attacker recorded some traffic and can send them again. They would be properly signed and encrypted. Because there is new keypair for every connection, this can't work.

This does not hide what website is Bob connecting to, but it hides all the data being exchanges, especially passwords and credentials. It also verifies the integrity - no one changed the data, and origin - it's really Alice who Bob receives data from. HTTPS is a pack of HTTP protocol, TLS encrypted connection and CA signing the certificates.

Tldr

I have an off topic question, what is an abstract syntax tree?

Holy fuck, you have to go back.

Alice, Bob and Mark are gullibe goym.

They use HTTPS for every single fucking URL, despite the fact that when I browse a site for reading only, HTTPS is basically useless.

They, as millenial fags/lesbians, send a ping to OCSP servers managed by big corps in jewish hands.

big data is a thing but Alice, Bob and Mark are autistic

Hey goym it's SECURE I mean just use it everywher you gullible cattle

how about you answer my fucking question?

It would show the subdomain?

Retards. The ISP can see the board and thread you go into. And based on the information you upload and the timestamps it can also infer which posts/images are yours, and of course it can know if you're the OP of a trap thread; it can even tell which trap pictures in the thread were posted by you.

HTTPS (Hyper Text Transfer Protocol Secure) is the encrypted version of HTTP (Hyper Text Transfer Protocol). In short, HTTPS uses SSL (Secure Socket Layer) technology that secures your connection by encrypting data sent from the webpage to the server. This means that if a middle-man (such as your ISP) decides to tap your connection, they will only see scrambled/unreadable data.

HTTPS is used almost everywhere (from online banking systems, online shopping/eCommerce to this website). HTTPS helps to protect your privacy by encrypting data on what you send and receive on a website (such as login details) when over on untrusted network (such as a local free Wi-Fi hotspot), the added privacy is through security as encrypting your communication to the website cannot be read by anyone else apart from you and the webserver.

However, HTTPS doesn't protect you completely: your ISP or network administrator can still see information (through traffic interception or other network-level tools) such as the domain you visited and the full URL (as well as information about the device you are using).

Full url really?
let's say i am watching this video : youtube.com/watch?v=Tybgyk3hfoM
What my isp sees? and what if i submit a comment?

>as well as information about the device you are using
How? User agent? Javascript ?

And what's about custom DNS ?

Only if man in the middle or http..

It uses certificates to verify you're connected to who you think you are. In addition, data transmission is encrypted.

>Retards
Nope, you're being retarded.
Google knows which posts/images are yours cus capcha, ISP doesn't.

If you are watching that video, your ISP can theoretically see the domain (youtube.com) and the full URL (youtube.com/watch/... ). If you were to submit a comment, your ISP will not be able to see your comment or any other content on the webpage, since YouTube uses HTTPS.

Your ISP can also in theory, get information about the device you are using. For instance, they already have your I.P address (since they are your ISP, of course) and with the I.P address, they can use scanning tools to detect or make an accurate guess of what device you are using. Your ISP can also theoretically inject HTML (like Comcast does - see the image) into a HTTP (non-secure) webpage to try and collect information about the device you are using (such as the useragent).

Using a custom DNS server (instead of the automatically assigned ISP's DNS servers) could help you to maintain your privacy.

not full url
you probably made DNS query beforehand (dunno how browser manages it, it should be just domain)
IP is definitely visible and mostly unique when website is self-hosted
cert is send to you unencrypted
there is some domain field in new TLS standard, again just domain

Being this new.
Toddlers not allowed on Sup Forums.

If you use DNSCrypt, dns queries are encrypted.

> "this ip uploaded 2.4 MiB of data while having boards.Sup Forums.org/g/thread open at 2:15AM"
> "i wonder if there is a connection between that and this 2.4MiB image being posted on boards.Sup Forums.org/g/thread at 2:15AM"

The HTTP get/post is encrypted.

now you also need to monitor ALL threads with precision

Talking about HTTPS at an ISP level is pointless. ISP can still datamine the fuck out of you, https or not.

The more realistic scenario of HTTPS is to prevent someone outside your house from snooping your traffic and or MiTM attacks.

> boards.Sup Forums.org/g/thread
Nope, ISP cannot see that much, only "boards.Sup Forums.org" (SNI server_name).

I suggest you installing Wireshack and doing experiments by yourself. Correlation attacks aren't impossible, but way complex.

On the other hand Google can track you easily.

...

eff.org/pages/tor-and-https

This websites illustrates the available data at each step of the internet connection

I think the simple pictures will match your intelligence level