 Finally there is a way to stop eavesdropping or hacking in Firefox. Sure there are other extension Firefox can use, which we will get into later, but HTTPS Everywhere is another great solution to solving this problem.
Let me explain how this works, and how someone could watch or hack your computer. It is really quite easy if you know what you are doing.
Today EFF and the Tor Project are launching a public beta of a new Firefox extension called HTTPS Everywhere, an extension to help users protect their privacy. Here is a clip from their website :Firefox displays a colored address bar and an unbroken lock icon in the bottom-right corner, the page is not completely encrypted and you may still be vulnerable to various forms of eavesdropping or hacking (in many cases, HTTPS Everywhere can't prevent this because sites incorporate insecure third-party content). I can see when I am on Blogger, that my encryption is working perfectly. However when creating this posting, it does not display any lock icon nor does it encrypt this page. Hmm... but never the less, this extension is worth is weight in gold (next to noscript & tor which we will get into later).
Difference from HTTP As opposed to HTTP URLs which begin with "http://" and use port 80 by default, HTTPS URLs begin with "https://" and use port 443 by default (This is important to understand).
HTTP is insecure and is subject to man-in-the-middle and eavesdropping attacks which can let attackers gain access to website accounts and sensitive information. HTTPS is designed to withstand such attacks and is considered secure (which you are probably using now).
How Authentication Works Imagine receiving an envelope with no return address and a form asking for your bank account number. Every VeriSign® SSL Certificate is created for a particular server in a specific domain for a verified business entity. When the SSL handshake occurs, the browser requires authentication information from the server. By clicking the closed padlock in the browser window or certain SSL trust marks (such as the VeriSign Secured® Seal), the Web site visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning. So, okay lets say you want to get protected what exactly do you need to do ? 1st, download an install HTTPS Everywhere. The link is in blue (on this line). Lastly, if you know how the web works and how websites generate their contenet Download NOSCRIPT from Firefox. NOTE - If you do not know what a script is, this extension might not work for you, so I do NOT recommend installing it. A Script is a tiny piece of code telling a website to do something (e.g. playing video, counters, display something a fancy way , etc ...) So for you decide if you want NOSCRIPT. Lastly, I have no faith in TOR. It slows our system down to much, and I believe my IP is still tracked in various ways, so I do not use it. Tor protects you by bouncing your communications around the world, as yes it is slow. Again the choice is yours. Here is the link. Now back to HTTPS Everywhere ... In simple english, this extension encrypts your data before sending, and de-crypts it when you get a response back from the webpage your on. So, if I was using 3rd party software to monitor your browsing , or watching you on a wireless network, I would still would see what you are doing, but it would display on my computer as "rubbish", effectively blocking my monitoring. It is highly recommended that you do use HTTPS ! Does it interfere with your browsing ? NAW, you wouldn't even know it is there (other than the little o'paddle lock on the bottom right. It is easy to install, and another great extension for Firefox.
Tell us what you think ! Do you have more information about HTTPS ? If so, please contact the editors of OS9USER Newsroom and tell us.
|
