Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

Pondering FOSS foundations

In the case of the Document Foundation, the LibreOffice project needed an independent, solid and meritocratic entity dedicated to support it. In other terms, the OpenOffice.org community wanted to be its own boss and stop relying on corporate – or even third party – good will. If you attend the Community Track on the 31st you will be able to learn more about the Document Foundation and the other entities, but my message here is that while there is no silver bullet in these matters, forcing a community be hosted or to bend to a software vendor never works. It bends if it wants to; it goes whereever it wishes to go. In the case of the Document Foundation, independence and community rule prevailed over convenience; today the results do not need to be proven anymore. But it does not mean we hold the truth more than anybody else: we just ensured the community was in charge. Read more

10+ Things To Do After Installing Ubuntu 14.10 Utopic Unicorn

There is some discussion of whether or not you should upgraded to 14.10 here, but the short version is, for most people an upgrade from 14.04 is not necessary but not a bad idea, and an upgrade from any earlier version is a very good idea. Mostly, though, you should just upgrade. One could ask the question, should you be installing Ubuntu with Unity. You have to like Unity. I personally like to have a wider range of desktop options than Ubuntu with Unity allows, but for a notebook or laptop where you are going to be using one application at a time, usually use GUI apps, and like to have your computer integrated fairly seamlessly to social networking services, etc., it is a good option. Read more

Corporate Desktop Linux

A business doesn’t need a fleet of GNU/Linux guys to run IT. A few will do because one person can easily manage thousands of PCs with FLOSS. There are no licences to count, no networking limitations, no CPUs to count, … They just have to run the software any way that makes sense. Read more

Open-Source Radeon 2D Performance Is Better With Ubuntu 14.10

In this article are graphics card tests going back to the Radeon HD 4870 and even going back that far are 2D improvements with Ubuntu 14.10. However, most interesting is the Radeon HD 7000 series and newer where GLAMOR is used for 2D acceleration rather than UXA. GLAMOR leverages OpenGL for 2D acceleration and with X.Org Server 1.16 the GLAMOR support went from being an independent library to a highly-optimized implementation within the X.Org Server. Ubuntu 14.10 uses X.Org Server 1.16.0 along with Mesa 10.3.0, Linux 3.16, and xf86-video-ati 7.4.0. Read more