Admin: Created page with "'''HTTPS Everywhere''' is a free and open source browser extension for Google Chrome, Mozilla Firefox, Opera and Firefo..."

2019-05-29T11:18:58Z

Created page with "'''HTTPS Everywhere''' is a free and open source browser extension for Google Chrome, Mozilla Firefox, Opera and Firefo..."

New page

'''HTTPS Everywhere''' is a [[free software|free]] and [[open source]] [[browser extension]] for [[Google Chrome]], [[Mozilla Firefox]], [[Opera (browser)|Opera]] and [[Firefox for Android]], which is developed collaboratively by [[The Tor Project]] and the [[Electronic Frontier Foundation]] (EFF). It automatically makes websites use a more secure [[HTTPS]] connection instead of [[HTTP]], if they support it.

==Development==
HTTPS Everywhere was inspired by [[Google]]'s increased use of HTTPS, and is designed to force the usage of HTTPS automatically whenever possible. The code, in part, is based on [[NoScript]]'s [[HTTP Strict Transport Security]] implementation, but HTTPS Everywhere is intended to be simpler to use than [[NoScript]]'s force HTTPS functionality which requires the user to manually add websites to a list. The EFF provides information for users on how to add HTTPS rulesets to HTTPS Everywhere, and information on which websites support HTTPS.

===Platform support===
A public beta of HTTPS Everywhere for Firefox was released in 2010, and version 1.0 was released in 2011. A beta for Google Chrome was released in February 2012. In 2014, a version was released for [[Android (operating system)|Android]] phones.

== SSL Observatory ==
The SSL Observatory is a feature in HTTPS Everywhere introduced in version 2.0.1 and if the user is vulnerable to [[man-in-the-middle attack]]s. In 2013, the [[ICANN]] [[Security and Stability Advisory Committee]] (SSAC) noted that the dataset used by the SSL Observatory often treated intermediate authorities as different entities, thus inflating the number of certificate authorities. The SSAC criticized SSL Observatory for potentially significantly undercounting internal name certificates, and noted that it used a data set from 2010.

==Reception==
Two studies have recommended building in HTTPS Everywhere functionality into Android browsers. In 2012, Eric Phetteplace described it as "perhaps the best response to [[Firesheep]]-style attacks available for any platform". In 2011, Vincent Toubiana and Vincent Verdot pointed out some drawbacks of the HTTPS Everywhere add-on, including that the list of services which support HTTPS needs maintaining, and that some services are redirected to HTTPS even though they are not yet available in HTTPS, not allowing the user of the extension to get to the service.

==See also==

* [[Transport Layer Security]] (TLS) – A cryptographic protocols that provide communications security over a computer network.
* [[Privacy Badger]] – A free browser extension created by the EFF that blocks advertisements and tracking cookies.
* [[Switzerland (software)]] – An open source network monitoring utility developed by the EFF to monitor network traffic.
* [[Let's Encrypt]] – A free automated X.509 certificate authority designed to simplify the setup and maintenance of TLS encrypted secure websites
* [[HTTP Strict Transport Security]] - A web security policy mechanism which helps to protect websites against protocol downgrade attacks and cookie hijacking.

==Source==

[http://wikipedia.org/ http://wikipedia.org/]
[[Category:Open source]]
[[Category:Chrome extensions]]
[[Category:Firefox extensions]]

HTTPS Everywhere - Revision history

Admin: Created page with "'''HTTPS Everywhere''' is a free and open source browser extension for Google Chrome, Mozilla Firefox, Opera and Firefo..."