Do you use HTTPS Everywhere?

[Gandalf_The_Grey]

No because I got a problem with the twitter, hotmail and adblock plus websites. Instead I use KB SSL Enforcer and its button in Google Chrome.

[AMIGA500]

I cannot find it in firefox.I assume it has been discontinued or removed.

[Gandalf_The_Grey]

Quote:

Originally Posted by Beethoven1770

I cannot find it in firefox.I assume it has been discontinued or removed.

You can get it from the website of the Electronic Frontier Foundation:
https://www.eff.org/https-everywhere

[AMIGA500]

Quote:

Originally Posted by Gandalf_The_Grey

You can get it from the website of the Electronic Frontier Foundation:
https://www.eff.org/https-everywhere

Thanks for that gandalf
Do you know why it isnt in the addons section?

[Gandalf_The_Grey]

Quote:

Originally Posted by Beethoven1770

Thanks for that gandalf
Do you know why it isnt in the addons section?

From their FAQ:

Quote:

Q. Why isn't HTTPS Everywhere available for download from addons.mozilla.org like most other Firefox add-ons?
A. We felt that the Mozilla privacy policy that applies to downloads from addons.mozilla.org is somewhat less protective than the privacy policies of the organizations that develop HTTPS Everywhere, and we prefer for HTTPS Everywhere users to be protected by our privacy policy. This decision could change in the future as Mozilla's privacy practices evolve or as we re-examine the details of the current Mozilla policy.

https://www.eff.org/https-everywhere/faq/

[sweater]

Coupled it with HTTPS Finder coz I think it improves the protection and surfing speed.

https://addons.mozilla.org/en-US/fir.../https-finder/

[noone_particular]

I couldn't vote on the poll, nothing fits. At present, I'm using it with SeaMonkey.

I'm questioning just how useful this extension is. I'd rather see an extension that defaults to HTTPS and falls back to HTTP (with a warning to the user) if necessary. IMO, this extension and others (like Ghostery) are little more than blacklisting tools, suffering from the same shortcomings as signature based AVs, never compltete, never up to date. With this extension, the list just grew by 1500. I've watched Ghostery go from a few hundred to over 1100 blacklisted elements plus another 600+ cookies. With AVs, checking everything against those multi-megabyte databases makes them resource hungry and slows things down. IMO, extensions like these are taking browsers down the same road. While they do serve a purpose, there's got to be a better way than these lists.

In addition, I'm questioning just how valuable HTTPS is, given everything that has happened with the certificates and the companies behind them. IMO, the whole thing is broken.

[AMIGA500]

ive installed this in firefox.
Does anyone use the ssl observatory feature.?
Any comments please.

I've recently installed it in Chrome.

There's nothing like this for IE9, correct?

I'll give it another go with Firefox.

[Amit]

Not using it now.

[Mrkvonic]

You asked why - there's no need.
It's useful where a secure connection is required.
Mrk

[J_L]

Only on Tor Browser, where it's installed by default.

[Landpaddle]

HTTPS Everywhere is more effective in Firefox than it is in Chrome. Nevertheless, the extension is an invaluable tool for people who value SSL or TLS when banking or who log in to a plethora of websites regularly.

Super duper fun fact: wilderssecurity is not encrypted by default, and its only method of encryption is through a self-signed certificate -- common practice for shady websites. Go figure.

[safeguy]

On Firefox, mostly yes.
On Chrome, it's "on and off basis".

[Hungry Man]

I use it. It's a great way to prevent SSL-Strip attacks. Any page not secured with HTTPS is a page that an attacker can control through MITM attacks. Beyond that, assuming your ISP or whoever is recording the information/ logging packets, encryption will make the information useless.

HTTPS has virtually no performance hit that I can see, and it's invaluable.

[jo3blac1]

I stopped using it after it broke my bing dashboard.

[luciddream]

I used it with HTTPS Finder initially... but only until it set rules for all of my favorited sites in HTTPS-Everywhere. Then I removed the former to eliminate the overhead of checking for SSL on every site I visit. I really don't visit new sites often anyway, I have a pretty set routine on here.

[acr1965]

I used it for a short while until it started breaking sites I visit. I don't see it as all that useful. Any financial sites I visit are https anyway and the negatives outweigh the positives on http sites.

[SweX]

It's not available for my browser so NO I don't

[luciddream]

Quote:

Originally Posted by Landpaddle

Super duper fun fact: wilderssecurity is not encrypted by default, and its only method of encryption is through a self-signed certificate -- common practice for shady websites. Go figure.

Agreed... and everyone acts oblivious to this fact in here too, or that it's no big deal. Yet if it were the case on another site, say a trusted security software vendor like Avast, etc... people would be all suspicious and beating a dead horse about the subject matter.

It surprises me that such a scenario would be allowed to exist in a place like this.

[SirDrexl]

I was using it, but recently I kept getting extension errors in Chrome because it seems to conflict with Do Not Track Me for some reason.

[Boyfriend]

I have tried it in past. Currently majority of sites have no support of https. For common sites I use, I have saved their https links as bookmark (no footprint).

[Saint Satin Stain]

Use it in Firefox, Chrome, and Pale Moon.