HTTPS Everywhere

Discussion in 'privacy technology' started by TomAZ, May 20, 2014.

Thread Status:
Not open for further replies.
  1. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    I haven't used this extension with Firefox in quite some time. However, if I remember correctly, it included/loaded a fairly large database when launching your browser. Again, as I recall, this seemed to delay the browser load time a little and even decreased the overall performance of Firefox. Is this still the case -- does it still operate this way?
     
  2. blainefry

    blainefry Registered Member

    Joined:
    Jan 25, 2014
    Posts:
    165
    Not sure how long ago you're talking, but I haven't noticed anything. I can't imagine how it could really make any noticeable difference. Especially not with computing power and memory these days. Not to mention the speed and efficiency Firefox has gained over time.

    If you're really that curious, just make separate FF profiles and only install the addon on one of them and see if you can really tell.

    In my opinion there's no reason not to use it. You really do want https everywhere. Encrypting the Internet is one of the best things we can do to thwart mass surveillance.
     
  3. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    How often does this extension actually kick in and make the change to https? Or is it more "hype" than anything else?
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,742
    Location:
    Texas
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    It works on most sites, but those sites have to obviously support HTTPS to begin with in a way that doesn't break stuff. And even if they do support it most sites don't always have the best SSL/TLS config, (test away. https://www.ssllabs.com/ ). Every so often I'll come across a site that's slightly broken or doesn't work with HTTPS (Twitch/Justin.tv, pc world, etc) so I just disable those rules. My experience for every site that's broken, 100 work fine. It depends on what sites you go on, and if you do run into a bad ruleset you can report it: https://www.eff.org/https-everywhere/development

    I haven't noticed any slow down or any major issues that'd make me uninstall it. But I am noticing some crashes that started happening for me across a few different Win7 systems since Firefox 28 or so: https://trac.torproject.org/projects/tor/ticket/11700

    Again though, nothing to the point where I've wanted to disable it.
     
  6. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,002
    Location:
    USA
    If it does force a site from http to https, does the address bar change to "green" (or some other indicator depending on the browser) so that you can confirm the site is now secure?
     
  7. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    No, because it'd have to depend on the site. See as an example StartCom's CA plans: https://www.startssl.com/ See how one of them is the "Extended validation"? When sites buy "HTTPS" keys they purchase a "plan". Basically, it entirely depends on the site and what plan they purchased and has nothing to do with HTTPS Everywhere for when the address bar changes to green.

    But you can see what HTTPS Everywhere is doing by clicking the drop down arrow and seeing which rule sets are enabled for the site you're on.
     
Loading...
Thread Status:
Not open for further replies.