aNewDomain.net — The U.S. government, PRISM, ECHELON and even government programs to spy on your snail mail are all over the news lately. Find out more on PRISM and see the leaked slides about it here.
Call it PRISM Prison or Project Spying on We The People. Whatever. There are some precautions you can take to secure your browsing habits. Whether your searches are dark and foreboding or just an endless photo stream of kittens, paranoia about a top secret FEMA containment camp or exportation altogether no longer seems quite so paranoid. Enter HTTPS Everywhere, from the privacy watchdogs at the Electronic Frontier Foundation.
HTTPS Everywhere. Really, All Over the Place.
The browser plugin HTTPS Everywhere is a Firefox and Chrome extension that aims at encrypting all your communications with many major websites. That makes browsing more secure than it is now. Install HTTPS Everywhere today and, as the EFF puts it, “encrypt the web.”
Again, quoting from the EFF website:
HTTPS Everywhere is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using a clever technology to rewrite requests to these sites to HTTPS.”
Here’s how to install the HTTPS Everywhere plugin on Google Chrome and Firefox.
All image credits: Mat Lee
Keep in mind that the current version of the HTTPS Everywhere plugin for Google Chrome is in beta. But the Firefox add-on is a stable release.
Installation Instructions for Chrome
To install the plugin for Chrome, click the Chrome logo on the HTTPS Everywhere project page. Find the project page under the Encrypt the Web menu option — or in the Projects area on the sidebar of the EFF website. Or just click that link above.
The link will take you to the Chrome Store page for HTTPS Everywhere. Click Add to Chrome.
Then click Add in the Confirm New Extension dialog box.
You will now see a little icon in the upper right hand side of the address bar. Click it to check out the HTTPS Everywhere settings on whatever website you happen to be on. You will see Stable Rules and Experimental Rules. Play around with that and learn more.
Once you finish installing the plugin, share it with security-conscious friends on Google+ or via Gmail. I think everyone deserves the added security HTTPS Everywhere provides. Share the wealth.
When I first started writing this article, there were over 250,000 people using the HTTPS Everywhere plugin for Google Chrome. It’s a hit.
Installation Instructions for Firefox
For Firefox, the steps are similar. Click the Firefox icon on the HTTPS Everywhere page — there the program will ask you to confirm you want the add-on. Click Install.
Shot: Mat Lee
Once it finishes installing, restart the browser. Open it again and decide whether or not you want HTTPS Everywhere to use the SSL Observatory. I definitely recommend you do. Now you’re all set.
Shot: Mat Lee
The SSL Observatory is, to quote from the EFF site:
The EFF SSL Observatory is a project to investigate the certificates used to secure all of the sites encrypted with HTTPS on the Web. We have downloaded datasets of all of the publicly-visible SSL certificates on the IPv4 Internet, in order to search for vulnerabilities, document the practices of Certificate Authorities, and aid researchers interested (in) the web’s encryption infrastructure.”
If you would like to do more reading on HTTPS Everywhere, there is some phenomenal information on the HTTPS Everywhere FAQ page.
There is also a great write up by Chris Palmer from November 2010 on proper HTTPS implementation techniques. It helps you get your head around how and why to employ HTTPS Everywhere for you or users you support. Or both.
That’s it. For aNewDomain.net, I’m Mat Lee. Stay safe, friends.
Based in Kalispell, Montana, Mat Lee is a senior editor and podcaster at aNewDomain.net. He is yet another teamBYTE vet on our aNewDomain.net edit team and he hosts the popular Yet Another Tech Show (YATS). He is an Android man. Email Mat at Mat@aNewDomain.net and follow him on Google+, where he is +Mat Lee.