- Jun 18, 2014
- 1,403
HTTPS Everywhere v.4.0.1 - new version:
1.Significant new coverage: Reddit, Quora
2.Fixes include: Frontier Networks, Hotmail / Live, Microsoft, Mozilla, Ohio State, Rackspace, SJ.se, Timbo.se
3.Enhancements to MCB detection and subsequent ruleset fixes
Version History of HTTPS Everywhere:https://www.eff.org/files/Changelog.txt
About:
HTTPS Everywhere is a Firefox, Chrome and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
It automatically switches thousands of sites from insecure "http" to secure "https". It will protect you against many forms of surveillance and account hijacking, and some forms of censorship.
HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using a clever technology to rewrite requests to these sites to HTTPS.
"HTTPS Everywhere is an add-on for major web browsers that ensures that your connection to some websites is done over secure hypertext transfer protocol (HTTPS).
Not all websites are supported
Its action does not affect all websites but only those that support encrypted communication but do not have it enabled by default. This is achieved by rewriting the requests to these web locations so that the connection is done in a secure manner.
A full list of supported web locations that can be accessed securely through the browser extension is available in its preferences panel.
The list is pretty extensive and a search function is available to check the extent of support for a specific website since some of them can include content that is not available over HTTPS.
Reduced risk for man-in-the-middle attacks
The extension works automatically and seamlessly in the background so there is no interruption of the browser session for making any adjustments.
Another way to keep security at a higher level when browsing is to enable the connection to SSL Observatory, a project aimed at investigating the web certificates for sites using HTTPS.
It is a certificate cross-checking solution that helps eliminate man-in-the-middle (MITM) attacks and warns you about insecure connections or attacks targeting your browser.
The options available in this section allow sending ISP related details to the Observatory whenever a new certificate is detected. Additionally, it can cross-check self-signed certificates and those signed by non-standard root CAs (certificate authorities).
Conclusion
Having HTTPS Everywhere enabled in your browser does not ensure a secure connection to all websites you visit but it increases the security during a regular browsing session. Beyond the initial setup it does not require any attention because it works seamlessly in the background."
Source:http://www.softpedia.com ---by Ionut Ilascu
1.Significant new coverage: Reddit, Quora
2.Fixes include: Frontier Networks, Hotmail / Live, Microsoft, Mozilla, Ohio State, Rackspace, SJ.se, Timbo.se
3.Enhancements to MCB detection and subsequent ruleset fixes
Version History of HTTPS Everywhere:https://www.eff.org/files/Changelog.txt
About:
HTTPS Everywhere is a Firefox, Chrome and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
It automatically switches thousands of sites from insecure "http" to secure "https". It will protect you against many forms of surveillance and account hijacking, and some forms of censorship.
HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using a clever technology to rewrite requests to these sites to HTTPS.
"HTTPS Everywhere is an add-on for major web browsers that ensures that your connection to some websites is done over secure hypertext transfer protocol (HTTPS).
Not all websites are supported
Its action does not affect all websites but only those that support encrypted communication but do not have it enabled by default. This is achieved by rewriting the requests to these web locations so that the connection is done in a secure manner.
A full list of supported web locations that can be accessed securely through the browser extension is available in its preferences panel.
The list is pretty extensive and a search function is available to check the extent of support for a specific website since some of them can include content that is not available over HTTPS.
Reduced risk for man-in-the-middle attacks
The extension works automatically and seamlessly in the background so there is no interruption of the browser session for making any adjustments.
Another way to keep security at a higher level when browsing is to enable the connection to SSL Observatory, a project aimed at investigating the web certificates for sites using HTTPS.
It is a certificate cross-checking solution that helps eliminate man-in-the-middle (MITM) attacks and warns you about insecure connections or attacks targeting your browser.
The options available in this section allow sending ISP related details to the Observatory whenever a new certificate is detected. Additionally, it can cross-check self-signed certificates and those signed by non-standard root CAs (certificate authorities).
Conclusion
Having HTTPS Everywhere enabled in your browser does not ensure a secure connection to all websites you visit but it increases the security during a regular browsing session. Beyond the initial setup it does not require any attention because it works seamlessly in the background."
Source:http://www.softpedia.com ---by Ionut Ilascu
Last edited:
