HTTPS Everywhere

Note: This review addresses v0.9.0 of the software.

The Web is an insecure place and getting more insecure all the time. The latest threat, the Firesheep add-in for Firefox, is particularly dangerous because it is exceedingly simple to use. Someone with absolutely no hacking experience can grab your private login information to sites such as Facebook and Amazon, and then log in as you and do anything they want, as if they were you. The free Firefox add-in HTTPS Everywhere helps protect against that threat and other privacy invaders by effectively encrypting information when you visit certain Web sites.

A collaboration between the Electronic Frontier Foundation and the Tor Project (which employs a network and free software to help protect people’s privacy), HTTPS Everywhere ensures that when you visit certain sites, all of your communications are encrypted and secure.

To use it, all you need to do is install it. Once you do that, HTTPS Everywhere does its work invisibly. Among the sites it works on are Facebook, Twitter, Google Search, Wikipedia, Paypal, the New York Times, the Washington Post, and others. It works only when the sites themselves use the HTTPS protocol, and works only on a group of specific sites. So it won’t protect you everywhere. And it won’t protect you when you use other Internet services, such as an instant messaging client, or use client-based email such as Outlook.

For a more comprehensive security tool, you’ll want to use a Virtual Private Network, such as the free Hotspot Shield, or the for-pay AlwaysVPN. But for quick-and-easy free protection at popular Web sites, HTTPS Everywhere is a great choice.

Note: This link automatically installs the file from the developer’s site into your Firefox browser.

–Preston Gralla