Last year, the web optimization network CloudFlare promised it would double SSL usage on the web in 2014 — and last night, the company made good on its promise. Overnight, CloudFlare deployed its Universal SSL feature, offering free SSL encryption to any site that opted in. All told, that meant two million new sites with the feature, effectively doubling encryption on the web overnight.
SSL is already common among email and banking services — usually seen as a gold or green padlock icon in the browser's URL bar — but the extra expense in hosting means most websites end up skipping the extra protections. As a result, the bulk of web traffic goes unencrypted, vulnerable to passive surveillance and redirection attacks. Since the Snowden leaks, many web advocates have seen that as a growing problem. In December, CloudFlare announced its plans to offer free SSL, and in August, Google announced it would give SSL sites a boost in search rankings, adding yet another reason to switch. Even with Universal SSL in place, it's still just a fraction of the web that's protected by SSL — but after today, it's safe to say that fraction is growing.