Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

LILO Boot-Loader Development To Cease At End Of Year

While most of you probably haven't used the LILO bootloader in years in place of GRUB(2), the developer of "LInux LOader" intends to cease development at the end of the year. This summer's intern, Eric Griffith, pointed out today an undated message on the LILO homepage about the bootloader project planning to end development at the end of 2015. Read more

Systemd Takes Over su, FCC Bans Open Source Firmware

Paul Carroty posted Friday of the news that Lennart Poettering merged an 'su' command replacement into systemd and Fedora Rawhide - coming to a Linux system near you next. Elsewhere, Hackaday.com's Brian Benchoff said new FCC regulations just killed Open Source firmware replacement and Phoronix.com today reported that LILO is being abandoned. Several polls caught my eye today as did the new Linux workstation security checklist. Read more

Accelerating Scientific Analysis with the SciDB Open Source Database System

Science is swimming in data. And, the already daunting task of managing and analyzing this information will only become more difficult as scientific instruments — especially those capable of delivering more than a petabyte (that’s a quadrillion bytes) of information per day — come online. Tackling these extreme data challenges will require a system that is easy enough for any scientist to use, that can effectively harness the power of ever-more-powerful supercomputers, and that is unified and extendable. This is where the Department of Energy’s (DOE) National Energy Research Scientific Computing Center’s (NERSC’s) implementation of SciDB comes in. Read more

Open Source GPU now out

Hoping that MIAOW is not a catastrophe An open saucy general-purpose graphics processor (GPGPU) has been unveiled at the Hot Chips event. The GPGPU is relatively crude and is part of another piece of an emerging open-source hardware platform called MIAOW. Read more Also: Nvidia Linux Video Driver 355.11 Adds Experimental OpenGL Support to EGL