Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

Containers and Servers

  • What are Linux containers?
  • Does your company have a plan for adopting containers?
    Linux containers are definitely attracting a lot of attention as cloud-native alternatives to virtual machines for application isolation and deployment, but where does your company sit on the adoption spectrum? As organizations grapple with how best to make business decisions in the face of challenges from limited resources, both human and capital, and find the speed of competition rapidly advancing, they must look to not just new technologies but new paradigms in order to stay afloat. Many organizations are looking to Linux containers as a part of this solution.
  • Using nano-segmentation Apcera looks to bring cloud trust to Docker container deployment
    Highly secure trusted cloud platform provider Apcera, Inc. today announced the release of its own approach to securely managing Docker containers in production at scale. The product is an enterprise-ready orchestration framework called the Apcera Trusted Cloud Platform and it is designed to address today’s gaps in container deployment, management and scalability with an eye for trust and security.
  • Analyst Angle: NFV and cloud driving changes in core network licensing models
    As telecom operators move toward NFV, SDN and cloud architectures, licensing models will need to adapt to new deployment methods
  • DevOps done right: Five tips for implementing database infrastructures
    DevOps couldn’t be hotter. To cope with modern customer demands, applications need to be developed, tested and put into production swiftly. Industry experts have been preaching about DevOps for faster, more reliable software development. Gartner expects this development approach will go mainstream by the end of 2016.

AMD and Linux

Unrequited Microsoft, Red Hat in the Way, LinDoz

Christine Hall penned an opt-ed today saying that she remembers Microsoft's dirty tactics, tactics they still employ while professing love for Linux. The media can fawn all they want, but Hall will never trust them. Elsewhere, Jack Germain said LinDoz is a "smooth Windows-Cinnamon blend" and Jamie Watson had nice things to say about KaOS 2016.06. Mint 18 Cinnamon and MATE editions are planned for this week and Red Hat said "RHEL is getting in the way." Read more

Leftovers: Gaming