New Firefox extension adds encryption protection to 1k sites

Users of Mozilla's Firefox browser stand to get an extra layer of protection with a new extension that encrypts their communication with more than 1,000 major websites. The Electronic Frontier Foundation, a nonprofit foundation advocating digital rights, said the "HTTPS Everywhere" extension rewrites requests to https (secure HTTP). "Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS," it said in a blog post. The EFF said the project is a collaboration with The Tor Project. But the EFF warned this will not necessarily work on all sites. "HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere includes rules. If sites you use don't support HTTPS, ask the site operators to add it; only the site operator is able to enable HTTPS," it said. It also said many sites still include much content from third-party domains that may not be available over HTTPS. "As always, if the browser's lock icon is broken or carries an exclamation mark, you may remain vulnerable to some adversaries that use active attacks or traffic analysis. However, the effort that would be required to eavesdrop on your browsing should still be usefully increased," it said. According to the EFF, the plugin currently works for "over 1,000" major websites, including:

• Google Search
• Wikipedia
• Twitter
• Facebook
• bit.ly
• GMX
• Wordpress.com blogs
• The New York Times
• Paypal
• EFF
• Tor
• Ixquick

Meanwhile, the EFF urged users to ask site operators who still do not support HTTPS at this time to add or enable it. — TJD, GMA News