Language Selection

English French German Italian Portuguese Spanish

EFF Tool Offers New Protection Against 'Firesheep'

Filed under
Security

The Electronic Frontier Foundation (EFF) has launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection for Firefox browser users against "Firesheep" and other exploits of webpage security flaws.

HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed. Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking.

Unfortunately, while many sites on the web offer some limited support for HTTPS, it is often difficult to use. Websites may default to using the unencrypted, and therefore vulnerable, HTTP protocol or may fill HTTPS pages with insecure HTTP references. EFF's HTTPS Everywhere tool uses carefully crafted rules to switch sites from HTTP to HTTPS.

This new version of HTTPS Everywhere responds to growing concerns about website vulnerability in the wake of Firesheep, an attack tool that could enable an eavesdropper on a network to take over another user's web accounts -- on social networking sites or webmail systems, for example -- if the browser's connection to the web application either does not use cryptography or does not use it thoroughly enough.

rest here




More in Tux Machines

SolydX 201411 Is a Rolling Release Alternative to Linux Mint Debian Xfce

SolydX, a Debian-based distribution that features the Xfce desktop environment and uses a rolling release model, is now at version 201411 and is ready for download. Read more

Linux-Based Beautiful Jolla Tablet Registers Fantastic Success on Indigogo

Jolla is a new tablet developed by a team of people who used to work for Nokia and it's powered by a Linux-driver operating system called Sailfish OS. The recently launched crowdfunding campaign has surpassed any expectations. Read more

WordPress 4.0.1 Updates Millions of Sites for 8 Flaws

Millions of open-source WordPress site owners received email notifications over the last 24 hours advising them of a site update. The new WordPress 4.0.1 update provides multiple security fixes and data-hardening improvements to help secure WordPress sites. The WordPress 4.0.1 update is the first incremental update for WordPress since the 4.0 release in September. The 4.0.1 update provides 23 bug fixes and an additional 8 security vulnerability fixes. Read more

V2 Of KDBUS Published For Linux Kernel Review

The second revision to the Linux kernel based D-Bus implementation is now available for review. Greg Kroah-Hartman on Thursday night posted the "v2" revision of the KDBUS implementation for providing the kernel with a new IPC implementation that resembles the existing user-space D-Bus daemon while adding extra features. Among the changes in this revision to KDBUS are exposing its control files and other information via a new kdbusfs file-system, KDBUS expects to be mounted to /sys/fs/kdbus, a new KDBUS domain is created for each time kdbusfs is mounted, and various other low-level changes. More details via the patch-set series. It's not clear yet whether KDBUS will be ready for merging in the Linux 3.19 kernel or will be held off until Linux 3.20 or longer. Read more