Monday, June 21, 2010

Firefox add-on encrypts sessions with Facebook, Twitter


The Electronic Frontier Foundation and the Tor Project have released a public beta of a new Firefox extension that lets people encrypt their communications with Facebook, Twitter, and other sites.

The HTTPS Everywhere Firefox extension was inspired by Google's encrypted Web search option, the EFF said in announcing the tool on Thursday.

In addition to Facebook and Twitter, the Web sites that the software works on are Google Search, Wikipedia, The New York Times, The Washington Post, PayPal, EFF, Tor, and Ixquick.

The tool works by creating an HTTPS (Hypertext Transfer Protocol Secure) connection to the sites. But even if "https" is used, unless the address bar is colored and an unbroken lock icon is displayed in the bottom right corner, the page is not completely encrypted, EFF says.

Our colleagues over at ZDNet's Zero Day blog point out that using HTTPS doesn't hide a computer's IP address and users are still susceptible to tracking from broken SSL sessions displaying unencrypted third-party content.

"Forcing a full session on a popular social-networking service such as Facebook for instance, without taking into consideration the fact that SSL would not magically make all the personally identifiable information, including your IP, disappear, is wrong," writes Dancho Danchev on the Zero Day blog. "Full-session SSL, in combination with tools such as Vanish, next to Tor-like/VPN based anonymity network, are great for a fresh start." this story found here


Share/Bookmark

No comments:

Post a Comment