Most of the web’s traffic routes over a standard open protocol called HTTP. Because HTTP traffic is unencrypted, any information sent over HTTP can be read and modified by anyone. While a secure version of HTTP (HTTPS) has been around for a while, some websites have been slow to adopt it. Now there is a helpful tool that will keep your information more secure when you are online.
Developed by The Tor Project and the Electronic Frontier Foundation (EFF), HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications, making your browsing more secure.
What HTTPS helps to secure
As the bare minimum for web security, HTTPS provides:
- Server authentication. Users have better confidence that they are talking to the web application server.
- Data confidentiality. Data is sent encrypted between the user’s browser and the web server so that others cannot view it.
- Data integrity. This ensures that an attacker cannot damage or alter the data between the user’s browser and the web server.
What HTTPS Everywhere protects against
HTTPS Everywhere can protect you against snooping and tampering with the content of a site or with the information you send to the site. Ideally, this provides some protection against an attacker learning the context of the information flowing in each direction. For example:
- the context of e-mail messages you send or receive;
- products you browse or purchase online;
- articles you read.
However, HTTPS Everywhere does not conceal the:
- identities of the sites you access;
- amount of time you spend on a site;
- amount of information you upload or download.