[The security box] Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin

Jared Rimer jaredrimer at 986themix.com
Wed Oct 6 16:33:55 EDT 2021 

Oose, 2.  https: hyper text transport protocol secure

Jared Rimer
Check out my shows on 986 the mix. www.986themix.com/schedule for more 
info. Shows are on Wednesdays, Saturdays and Sundays
Wednesday's show is on the independent channel. Check schedule for time
www.jaredrimer.net for my other site.

On 10/6/2021 10:43 AM, Jared Rimer via Thesecuritybox wrote:
> Terms:
> 
> 1.  HTML: hyper text markup language
> 2.  https: hyper text transport secure
> 3. http: hyper text transport protocol
> 4.  Depreciate: discontinue
> 
> Jared Rimer
> Check out my shows on 986 the mix. www.986themix.com/schedule for more 
> info. Shows are on Wednesdays, Saturdays and Sundays
> Wednesday's show is on the independent channel. Check schedule for time
> www.jaredrimer.net for my other site.
> 
> On 10/6/2021 10:32 AM, Jennifer Martinez via Thesecuritybox wrote:
>> Ok. I'm going to play stupid for a minute. What is depreciate? Is it 
>> not to make something worth less? Obsolete? Or worthless, as in zero 
>> value? What exactly...how exactly will this impact internet travel to 
>> the current http(s)? What is http anyway? Does anyone know what 
>> http(s)...what does it actually stand for? I know html stands for 
>> hyper-text-media-link? What then is http? 
>> Hyper-text-telecommunication-portal? Is that right? Anyone know for sure?
>>
>> Jen
>>
>> Sent from Yahoo Mail on Android 
>> <https://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature> 
>>
>>
>>     On Tue, Oct 5, 2021 at 7:29 PM, Michael Brock via Thesecuritybox
>>     <thesecuritybox at 986themix.com> wrote:
>>
>>     Electronic Frontier Foundation will deprecate HTTPS Everywhere plugin
>>     Ars Technica  /  Jim Salter
>>
>>     All four major browsers have duplicated HTTPS Everywhere
>>     functionality natively.
>>     Rising line graph.
>>     Enlarge
>>     
>> <https://cdn.arstechnica.net/wp-content/uploads/2021/09/httparchive-report.png> 
>>
>>     / We had trouble even finding HTTPS statistics earlier than 2016—but
>>     even in 2016, fewer than one in four websites were delivered via 
>> HTTPS.
>>
>>     Last week, the Electronic Frontier Foundation announced
>>     
>> <https://www.eff.org/deeplinks/2021/09/https-actually-everywhere> that
>>     it will deprecate its HTTPS Everywhere browser plugin
>>     <https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/>
>>     in 2022. Engineering director Alexis Hancock summed it up in the
>>     announcement's own title: "HTTPS is actually everywhere."
>>
>>     The EFF originally launched
>>     
>> <https://www.eff.org/deeplinks/2010/06/encrypt-web-https-everywhere-firefox-extension> HTTPS 
>>
>>     Everywhere—a plugin that automatically upgrades HTTP connections to
>>     HTTPS—in 2010 as a stopgap measure for a world that was still
>>     getting accustomed to the idea of encrypting all web-browser traffic.
>>
>>     When the plugin was new, the majority of the Internet was served up
>>     in plaintext—vulnerable to both snooping and manipulation by any
>>     entity that could place itself between a web-browsing user and the
>>     web servers they communicated with. Even banking websites frequently
>>     offered unencrypted connections! Thankfully, the web-encryption
>>     landscape has changed dramatically in the 11 years since then.
>>
>>     We can get some idea of just how far the protocol has come by
>>     looking at HTTP Archive's State of the Web report
>>     <https://httparchive.org/reports/state-of-the-web#pctHttps>. In
>>     2016—six years after HTTPS Everywhere first launched—the HTTP
>>     Archive recorded encrypted connections for fewer than one site in
>>     every four it crawled. In the five years since, that number has
>>     skyrocketed—as of July, the Archive crawls nine of every 10 sites
>>     via HTTPS. (Google's Transparency Report
>>     <https://transparencyreport.google.com/https/overview> shows a
>>     similar progression, using data submitted by Chrome users.)
>>
>>     Although the increased organic HTTPS adoption influenced the EFF's
>>     decision to deprecate the plugin, it's not the only reason. More
>>     importantly, automated upgrade from HTTP to HTTPS is now available
>>     natively in all four major consumer browsers—Microsoft Edge, Apple
>>     Safari, Google Chrome, and Mozilla Firefox.
>>
>>     Unfortunately, Safari is still the only mainstream browser to force
>>     HTTPS traffic by default—which likely informed the EFF's decision to
>>     retire HTTPS Everywhere until /next/ year. Firefox and Chrome offer
>>     a native "HTTPS Only" mode that must be user-enabled, and Edge
>>     offers an experimental "Automatic HTTPS" as of Edge 92.
>>
>>     If you'd like to enable HTTPS Only/Automatic HTTPS natively in your
>>     browser of choice today, we recommend visiting the EFF's own
>>     announcement
>>     <https://www.eff.org/deeplinks/2021/09/https-actually-everywhere>,
>>     which includes both step-by-step instructions and animated
>>     screenshots for each browser. After enabling your browser's native
>>     HTTPS upgrade functionality, you can safely disable the
>>     soon-to-be-deprecated HTTPS Everywhere plugin.
>>
>>     /Listing image by Rock1997 / Wikipedia
>>     <https://en.wikipedia.org/wiki/HTTPS#/media/File:Internet2.jpg>/
>>
>>
>>
>>     Original Article: https://arstechnica.com/?p=1798812
>>     <https://arstechnica.com/?p=1798812>
>>
>>
>>     Michael Brock
>>     Thank you for subscribing to the Security Box email list.  If you
>>     need list management options, please see the link for a section to
>>     log in, manage your subscription, and possibly other options that
>>     may be of interest.
>>
>>     Need help?  write the owner, and the owner will get back to you as
>>     quickly as possible.  Be clear on what you need.
>>
>>     Thanks for subscribing!
>>
>>     --     Thesecuritybox mailing list
>>     Thesecuritybox at 986themix.com <mailto:Thesecuritybox at 986themix.com>
>>     
>> http://mail.986themix.com/mailman/listinfo/thesecuritybox_986themix.com
>>     
>> <http://mail.986themix.com/mailman/listinfo/thesecuritybox_986themix.com>
>>
>>
>> Thank you for subscribing to the Security Box email list.  If you need 
>> list management options, please see the link for a section to log in, 
>> manage your subscription, and possibly other options that may be of 
>> interest.
>>
>> Need help?  write the owner, and the owner will get back to you as 
>> quickly as possible.  Be clear on what you need.
>>
>> Thanks for subscribing!
>>
> 
> Thank you for subscribing to the Security Box email list.  If you need 
> list management options, please see the link for a section to log in, 
> manage your subscription, and possibly other options that may be of 
> interest.
> 
> Need help?  write the owner, and the owner will get back to you as 
> quickly as possible.  Be clear on what you need.
> 
> Thanks for subscribing!
>

More information about the Thesecuritybox mailing list