HTTPS Everywhere vs. DNSCrypt

Do HTTPS Everywhere and DNSCrypt essentially do the same thing, or is there value in having both?

 

They solve a totally different problem. Use both.

 

HTTPS encrypts your webpage/ the data that would normally go over HTTP. DNS is separate, and is typically unencrypted. OpenDNS encrypts the DNS requests.

 

Thanks to both of you. Appreciate the clarification.

With Firefox, how do you know when HTTPS Everywhere is working and has kicked in on a site? Will it display just like any other secure (https) site?

 

Yes. the URL will show HTTPS.

 

What are the pros and cons of using the "SSL Observatory" feature?

 

The only thing good thing about Firefox is No-Script. Besides that Chrome is the better browser by a long long way.

I'm not sure why the open source community still uses Firefox, I can't see a good enough reason for Chrome not to be stock on all Linux distro's besides a dislike for google.

 

That's a big "but" or "besides". Some would rather not let Google do everything for them. In fact, many would rather have little to nothing to do with Google.

 

Goggle is not EVIL. They make some very good products like Chrome, Gmail, GoogleDocs & Android (lacks in security I admit). Their spam filter is the best in the world too. So it's not all bad, at least they are transparent in their dealings with LE. Sure they could have a better privacy policy but in the end I still use their services because their good.

Who does Firefox or the Mozzila foundation answer to? No one is my guess. At least we know Google's privacy policy and their interactions with LE. Mozilla has been caught supplying fake certificates to Anonymous in the PEDO DARKNET OP. IMHO Firefox has major issues with certificates, I've been MiTM more than once so I don't trust it. Besides No-Script which I don't know why hasn't been ported to chrome, there really isn't anything good in Firefox. Chrome beats it hand's down for security and speed, and you can beef it up security wise..

 

A lot of browsers give no warning if the OCSP check fails because the OCSP server is down, but you can change that in the settings. Don't know if Chrome has/had that? Read this too:
-http://chromebygoogle.net/2012/02/symantec-criticises-google-for-stripping-security-certificate-checks-from-chrome-2/-

 

What, if anything, can you do in Firefox?

 

i was already using OpenDNS so i started using Crypt and Https Everywhere for Chrome to check it out..

 

By default, OCSP is done on certificates that specify an OCSP server. You can also set it to validate all certs on a specified server(there is a whole list to choose from or you can enter an URL yourself) And there is an option to treat the cert as invalid if there is no connection possible to the OCSP server(for example when it is down or hacked.)

 

Where exactly in FF do you make these changes -- and can you give me a couple examples of these "other" servers.

 

On a privacy forum that is a pretty big exception. I personally use gmail as for me government isn't my primary concern, malicious users are. Now if I wasn’t for a country’s government I was living in or concerned of data interception, Google is the last resource I would want to turn to, even if it is the best free solution. Keep in mind Google at the end of the day is a company, they are starting to branch out, but make no mistake their main source of income is still the data collected and analyzed through their free services and search tools. (for both marketing, legal, and intelligence)

 

Go to settings->advanced->encryption->validation. The servers are from CA's including well known ones like Comodo, Go Daddy and Verisign.

 

My Computer seems to be a lot faster now since i have been using DNSCrypt.

 

You see I agree with you, But stuff like Gmail, Youtube, GoogleDocs are worth using IMHO. Even if their privacy policy isn't up to scratch I'll still use them despite privacy concerns.

I just figure someone, somewhere is watching.

 

Why it was detected by AVG?

http://www.urlvoid.com/scan/opendns.com/

 

A better question is, what doesn't AVG detect as a virus?

 

I think that LinkScanner (AVG ThreatLabs gets its data from it) detected something in one of OpenDNS forum pages. Maybe someone posted a link to an exploit/other page to be blocked?

For some reason I cannot see what's provided here: -http://www.avgthreatlabs.com/sitereports/domain/forums.opendns.com/#analytics

Can anyone open it and see what info does it reveal? Maybe it will reveal what it blocked...

 

I took a screenshot and uploaded it for you: -http://i48.tinypic.com/rbw0h3.jpg-

HTML/Framer -http://www.htmlframer.com/-