August 15, 2022

TheCyberThrone

Thinking Security ! Always

HTTPS Everywhere soon will become Nowhere

HTTPS in the browser bar.

A browser extension that encrypts and secures your communication with websites, HTTPS Everywhere has come a long way. Data transfers between a web browser and a visiting website should always be secure. Before internet encryption was adopted, all data was transferred using the unencrypted HTTP that leaves your information vulnerable to eavesdropping, interception, and alteration.

Most data over the internet now uses HTTPS, the secure version of HTTP. And for those websites that are still unencrypted, the HTTPS Everywhere extension ensures that each unencrypted transfer is automatically converted to HTTPS.

Advertisements

One can find HTTPS in the URL field when you are trying to reach a website. This protocol guarantees that the website you are trying to reach is secured by an SSL certificate.SSL ensures that the data transfer between two entities remains both encrypted and private.

In the past, not all websites invested in SSL certificates, and a lot of data was transferred in plain text. Needless to say, there was a dire need for users to be switched to secure data transfers while browsing the internet.

Https-Everywhere

Produced as a collaboration between The Tor Project and Electronic Frontier Foundation (EFF) in 2010, HTTPS Everywhere was launched as the much-needed solution for this growing problem. It helped transfer site connections to HTTPS when users clicked on HTTP links or typed website names in their browser without specifying the “https://” prefix. Essentially, HTTPS Everywhere redirects you to the HTTPS version of a website that you are trying to visit.

SSL Certificates

SSL certificate.

When the HTTPS Everywhere extension first came out, most websites either didn’t support HTTPS or HTTPS adoptions had not yet taken place at the website level.

Google and Microsoft collaborated to expedite HTTPS adoption and enforce end-to-end encryption on the web. A huge number of sites from HTTP to HTTPS, they also launched a built-in HTTPS only mode which loads pages through secure connections only.

Advertisements

This built-in HTTPS mode drastically reduced the usage of the HTTPS Everywhere extension. After all, why would anyone want to use extra browser extensions when HTTPS is integrated right into your browser?

The eventual aim for HTTPS Everywhere was to become redundant. That would mean a world of internet connections where HTTPS is so easily accessible and vastly available that users no longer need an extra browser extension.

With mainstream browsers offering native support for HTTPS only mode, that time has finally arrived. The EFF finally made an announcement that it will retire its HTTPS Everywhere browser extension in 2022.

Advertisements

All four major consumer browsers Microsoft Edge, Apple Safari, Google Chrome, and Mozilla Firefox now natively provide automated upgrades from HTTP to HTTPS.

%d bloggers like this: