Encrypts communication with a rich list of websites that support secure connections but do not have them enabled by default and reduce the risk of MITM attacks.
- HTTPS Everywhere for Firefox
- Version :5.2.20
- License :MIT License
- OS :Windows All
- Publisher :EFF
HTTPS Everywhere for Firefox Description
HTTPS Everywhere for Firefox is an add-on ensuring that your connection to some websites is done over secure hypertext transfer protocol (HTTPS), with the extension being available for Chrome and Opera as well.
Not all websites are supported
Its action does not affect all websites but only those that support encrypted communication but do not have it enabled by default. This is achieved by rewriting the requests to these web locations so that the connection is done in a secure manner.
A full list of supported web locations that can be accessed securely through the browser extension is available in its preferences panel.
The list is pretty extensive and a search function is available to check the extent of support for a specific website since some of them can include content that is not available over HTTPS.
Reduced risk for man-in-the-middle attacks
The extension works automatically and seamlessly in the background so there is no interruption of the browser session for making any adjustments.
Another way to keep security at a higher level when browsing is to enable the connection to SSL Observatory, a project aimed at investigating the web certificates for sites using HTTPS.
It is a certificate cross-checking solution that helps eliminate man-in-the-middle (MITM) attacks and warns you about insecure connections or attacks targeting your browser.
The options available in this section allow sending ISP related details to the Observatory whenever a new certificate is detected. Additionally, it can cross-check self-signed certificates and those signed by non-standard root CAs (certificate authorities).
Having HTTPS Everywhere enabled in your browser does not ensure a secure connection to all websites you visit but it increases the security during a regular browsing session. Beyond the initial setup it does not require any attention because it works seamlessly in the background.