Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

Leftovers: Software

  • mpv Is a Media Player with No UI That Runs From Terminal
    mpv, an open source media player that has been forked from mplayer2 and MPlayer and that works only from the command line, has been upgraded to version 0.7.3 and is ready for download.
  • unhtml: Peeling away the layers
    unhtml is one of probably two or three (or four or five …) html-strippers that I’ve seen since the start of this silly little site, and while it’s not the most elegant or flexible, it might be the oldest.
  • List Of Tools To Monitor The Health Of Your Linux System
    Achieving good performance from a computer or network is an important part of system administration.The monitoring and maintenance of the system is the most important task listed in the checklists for daily tasks of a system and network administrator. There are many commands line utilities created for this purpose.
  • Clamping down on users with rbash
    For the first thing, it's an optional feature of bash. It can be included in bash if the --enable-restricted option is used with the configure command when bash is built. To make it usable, you (assuming you're the admin now) create a symbolic link to bash and call is rbash. It's as simple as that. And if you're not sure if a system that you use or administer provides the rbash functionality, try this:
  • What is a good command-line IRC client on Linux
    Now replaced more and more by forums, social networks, or mailing lists, IRC was once the method of communication of the web. And if it stands today as the last bastion of hackers and bearded Linux users, it remains one of the fastest and most specific channel of communication. If you have a technical difficulty, or just want some company, there is an appropriate IRC channel for you. And if you are tired of the YouTube comment section and its torrent of hate, IRC people are in general much more behaved (and moderated). So in short, here is a non-exhaustive list of IRC console clients. Why console? Because if you go down there, you might as well do it in style.
  • AppStream 0.8 released!
    Yesterday I released version 0.8 of AppStream, the cross-distribution standard for software metadata, that is currently used by GNOME-Software, Muon and Apper in to display rich metadata about applications and other software components.
  • AppStream 0.8 Works On Improving Open-Source Software Metadata
  • Centreon: A Free Alternative To Nagios Xi Monitoring Platform
  • imgflo 0.3: GEGL metaoperations++
    GEGL has for a long time supported meta-operations: operations which are built as a sub-graph of other operations. However, they had to be built programatically using the C API which limited tooling support and the platform-specific nature made them hard to distribute. [...] This makes Flowhub+imgflo a useful tool also outside the web-based processing workflow it is primarily built for. Feature is available in GEGL and GIMP master as of last week, and will be released in GIMP 2.10 / GEGL 0.3.
  • Opera Founder Builds a New, Fast and Powerful Browser Called Vivaldi – Gallery
    Vivaldi is a web browser based on Chromium, developed by an Opera founder and his team. They want to provide a browser that is aimed at power users and that makes no compromises regarding its functionality.

today's howtos

Leftovers: Gaming