[The security box] Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin
Jared Rimer
jaredrimer at 986themix.com
Wed Oct 6 13:43:16 EDT 2021
Terms:
1. HTML: hyper text markup language
2. https: hyper text transport secure
3. http: hyper text transport protocol
4. Depreciate: discontinue
Jared Rimer
Check out my shows on 986 the mix. www.986themix.com/schedule for more
info. Shows are on Wednesdays, Saturdays and Sundays
Wednesday's show is on the independent channel. Check schedule for time
www.jaredrimer.net for my other site.
On 10/6/2021 10:32 AM, Jennifer Martinez via Thesecuritybox wrote:
> Ok. I'm going to play stupid for a minute. What is depreciate? Is it not
> to make something worth less? Obsolete? Or worthless, as in zero value?
> What exactly...how exactly will this impact internet travel to the
> current http(s)? What is http anyway? Does anyone know what
> http(s)...what does it actually stand for? I know html stands for
> hyper-text-media-link? What then is http?
> Hyper-text-telecommunication-portal? Is that right? Anyone know for sure?
>
> Jen
>
> Sent from Yahoo Mail on Android
> <https://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature>
>
> On Tue, Oct 5, 2021 at 7:29 PM, Michael Brock via Thesecuritybox
> <thesecuritybox at 986themix.com> wrote:
>
> Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin
> Ars Technica / Jim Salter
>
> All four major browsers have duplicated HTTPS Everywhere
> functionality natively.
> Rising line graph.
> Enlarge
> <https://cdn.arstechnica.net/wp-content/uploads/2021/09/httparchive-report.png>
> / We had trouble even finding HTTPS statistics earlier than 2016—but
> even in 2016, fewer than one in four websites were delivered via HTTPS.
>
> Last week, the Electronic Frontier Foundation announced
> <https://www.eff.org/deeplinks/2021/09/https-actually-everywhere> that
> it will deprecate its HTTPS Everywhere browser plugin
> <https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/>
> in 2022. Engineering director Alexis Hancock summed it up in the
> announcement's own title: "HTTPS is actually everywhere."
>
> The EFF originally launched
> <https://www.eff.org/deeplinks/2010/06/encrypt-web-https-everywhere-firefox-extension> HTTPS
> Everywhere—a plugin that automatically upgrades HTTP connections to
> HTTPS—in 2010 as a stopgap measure for a world that was still
> getting accustomed to the idea of encrypting all web-browser traffic.
>
> When the plugin was new, the majority of the Internet was served up
> in plaintext—vulnerable to both snooping and manipulation by any
> entity that could place itself between a web-browsing user and the
> web servers they communicated with. Even banking websites frequently
> offered unencrypted connections! Thankfully, the web-encryption
> landscape has changed dramatically in the 11 years since then.
>
> We can get some idea of just how far the protocol has come by
> looking at HTTP Archive's State of the Web report
> <https://httparchive.org/reports/state-of-the-web#pctHttps>. In
> 2016—six years after HTTPS Everywhere first launched—the HTTP
> Archive recorded encrypted connections for fewer than one site in
> every four it crawled. In the five years since, that number has
> skyrocketed—as of July, the Archive crawls nine of every 10 sites
> via HTTPS. (Google's Transparency Report
> <https://transparencyreport.google.com/https/overview> shows a
> similar progression, using data submitted by Chrome users.)
>
> Although the increased organic HTTPS adoption influenced the EFF's
> decision to deprecate the plugin, it's not the only reason. More
> importantly, automated upgrade from HTTP to HTTPS is now available
> natively in all four major consumer browsers—Microsoft Edge, Apple
> Safari, Google Chrome, and Mozilla Firefox.
>
> Unfortunately, Safari is still the only mainstream browser to force
> HTTPS traffic by default—which likely informed the EFF's decision to
> retire HTTPS Everywhere until /next/ year. Firefox and Chrome offer
> a native "HTTPS Only" mode that must be user-enabled, and Edge
> offers an experimental "Automatic HTTPS" as of Edge 92.
>
> If you'd like to enable HTTPS Only/Automatic HTTPS natively in your
> browser of choice today, we recommend visiting the EFF's own
> announcement
> <https://www.eff.org/deeplinks/2021/09/https-actually-everywhere>,
> which includes both step-by-step instructions and animated
> screenshots for each browser. After enabling your browser's native
> HTTPS upgrade functionality, you can safely disable the
> soon-to-be-deprecated HTTPS Everywhere plugin.
>
> /Listing image by Rock1997 / Wikipedia
> <https://en.wikipedia.org/wiki/HTTPS#/media/File:Internet2.jpg>/
>
>
>
> Original Article: https://arstechnica.com/?p=1798812
> <https://arstechnica.com/?p=1798812>
>
>
> Michael Brock
> Thank you for subscribing to the Security Box email list. If you
> need list management options, please see the link for a section to
> log in, manage your subscription, and possibly other options that
> may be of interest.
>
> Need help? write the owner, and the owner will get back to you as
> quickly as possible. Be clear on what you need.
>
> Thanks for subscribing!
>
> --
> Thesecuritybox mailing list
> Thesecuritybox at 986themix.com <mailto:Thesecuritybox at 986themix.com>
> http://mail.986themix.com/mailman/listinfo/thesecuritybox_986themix.com
> <http://mail.986themix.com/mailman/listinfo/thesecuritybox_986themix.com>
>
>
> Thank you for subscribing to the Security Box email list. If you need list management options, please see the link for a section to log in, manage your subscription, and possibly other options that may be of interest.
>
> Need help? write the owner, and the owner will get back to you as quickly as possible. Be clear on what you need.
>
> Thanks for subscribing!
>
More information about the Thesecuritybox
mailing list