HTTPS Everywhere

HTTPS stands for “Hypertext Transfer Protocol Secure”. The protocol itself is the same as HTTP, but when a web resource is accessed via an HTTPS link the web client and web server negotiate a layer of encryption, with the goal of encrypting the web session (to protect that data from eavesdropping) and authenticating the web server (to prevent the user from man-in-the-middle attacks).

HTTPS Everywhere is a browser plugin (currently for Firefox and Chrome, though ports for other browsers may be available in the future) that forces “ordinary” web browsing sessions to use the HTTP Secure protocol to encrypt web traffic between the user and the server. HTTPS can reduce the risk of man-in-the-middle attacks while using popular websites.

HTTPS Everywhere protects against man-in-the-middle attacks, and it can encrypt the content being sent to and from your browser. It can protect that data from being detected by eavesdroppers, but they will still be able to see what website you are accessing, and if the website includes HTTP data (that is not encrypted) it may give an eavesdropper enough information to infer what your encrypted data is.

This entry was posted in Uncategorized. Bookmark the permalink.