Two prominent privacy-rights organizations, the Tor Project and the Electronic Frontier Foundation, have launched a new Firefox extension that encrypts all of the browser’s communications with some prominent Web sites.
The extension, called HTTPS Everywhere, is designed to create secure HTTPS connections with some of the more popular sites on the Web, including the main Google search page, Facebook, Wikipedia, Twitter and PayPal. It’s not meant as a cure-all for the myriad man-in-the-middle and eavesdropping attacks that plague Web communications, but helps lock down the traffic to these sites.
But even on some of these sites, not all of the traffic will be encrypted because they include content from third-party sites that’s insecure.
“Note that some of those sites still include a lot of content from
third party domains that is not available over HTTPS. As always, if the
browser’s lock icon is broken or carries an exclamation mark, you may
remain vulnerable to some adversaries that use active attacks or traffic
analysis. However, the effort required to monitor your browsing should
still be usefully increased,” the EFF said in its announcement of the HTTPS Everywhere extension.
The extension, which is only available for Mozilla Firefox, is available on the EFF site.