Here’s a quick and easy add-on to your Firefox browser that’ll make all your coffee breaks a little more secure. Get the HTTPS Everywhere extension.
If you were attuned to the buzz back in October, you heard a lot about Firesheep and how it made painfully clear how the practices of many popular websites puts user information at risk by not encrypting user information. CNN did a story on how Firesheep may endanger your computer when using wi-fi. It discusses the risk, and offers a few suggestions like logging out of your accounts when done to reduce your risk of being automatically logged in when you launch your browser on a Wi-Fi network.
HTTPS Everywhere, a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation, can help in some cases. It encrypts your communications with a number of major websites and its latest version is designed to offer improved protection against Firesheep.
It provides much better protection for Facebook, Twitter and Hotmail accounts, as well as completely new protection for bit.ly, Dropbox, Amazon AWS, Evernote, Cisco and Github. The extension makes your web browser demand an HTTPS connection if it’s available. (NOTE: the phrase “if it’s available.”) HTTPS Everywhere only works if a site implements HTTPS; many of the most popular sites still haven’t deployed HTTPS properly, if at all. And for maximum Firesheep protection, especially on Facebook, you must take two extra steps: you’ll find all the details on the HTTPS Everywhere site.
This is an easy but important step for you to take until major websites implement HTTPS properly and completely.