February 8, 2011
Force a Secure Connection in your Browser
These days, hackers are finding it easier and easier to prey upon web surfers who access websites through traditional, insecure means. You know what I mean here, right? A website has no special security when it has the typical "http://" in front of the address. If you're visiting a site that has confidential or private information, you want to make sure the address starts with "https://" - which means the connection is encrypted. Your browser will also show a padlock or change the color of the address bar to tell you that security is enabled.
More and more websites actually have HTTPS-enabled sites, to protect their visitors - however, they don't offer these sites by default, because typically they are slower to load, and can sometimes degrade the viewer experience. But if you want to "force" a secure connection to load when you visit those sites, there's now a way to do that. The Electronic Frontier Foundation has developed an extension for the Firefox browser called HTTPS Everywhere, which automatically enables a secure connection for the sites that have them. Some of the sites included in this extension are:
- New York Times
- Washington Post
....and more. Unfortunately, the extension only works for Firefox - when do we get versions for Internet Explorer and Chrome, EFF?