Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

Arch Linux – Kde Plasma 5.3 stable is finally available for installation

Great news for Arch Linux users! From a few minutes, Kde Plasma 5.3 stable packages are officially available on Arch Linux repositories. In fact, after running the pacman -Syu command I finally noticed, listed on my terminal, the new packages of Plasma 5.3.0 with all the relative dependencies. Read more

Linux 4.1-rc2

So the -rc2's have lately been pretty small - looking more like late -rc's than early ones. It *used* to be that I couldn't even post the shortlog, because it was just too big. That's not been the case for the last few releases. I think people tend to take a breather after the merge window, because the -rc3's tend to then be a bit bigger again. But it may just also be that I've just gotten much better at saying "the merge window is over, I'm not taking random stragglers", or that people are just getting better at keeping to the merge window. Whatever the reason, the time of huge -rc2's seems to be happily behind us. Read more

GNOME 3.17.1 released

Hi GNOMErs! The development of the next GNOME release, 3.17, has started, and the first snapshot, 3.17.1, is now available. To compile GNOME 3.17.1, you can use the jhbuild [1] modulesets [2] (which use the exact tarball versions from the official release). [1] http://library.gnome.org/devel/jhbuild/ [2] http://download.gnome.org/teams/releng/3.17.1/ The release notes that describe the changes between 3.16.1 and 3.17.1 are available. Go read them to learn what's new in this release: core - http://download.gnome.org/core/3.17/3.17.1/NEWS apps - http://download.gnome.org/apps/3.17/3.17.1/NEWS The GNOME 3.17.1 release is available here: core sources - http://download.gnome.org/core/3.17/3.17.1 apps sources - http://download.gnome.org/apps/3.17/3.17.1 Read more