The Tin Hat

HTTPS-Everywhere Tutorial | Automatically Encrypt Web Traffic

Image By Electronic Frontier Foundation

Category: addons
A 3 Minute Read

Support The Tin Hat on Patreon! Just one dollar makes all the difference in helping me write more content!

One of the biggest problems that privacy advocates face is convincing people that the work required to encrypt data is worth it. When most people hear the word 'encryption', they think 'complicated and cumbersome'. But this doesn't have to be true. Sometimes encryption is readily available, but the switch just has to be turned on. HTTPS Everywhere flips that switch.

What is HTTPS?

Before you can understand what HTTPS Everywhere does, you first have to understand what HTTPS and HTTP are. Hypertext Transfer Protocol (HTTP) is the foundation of the internet. It is the protocol that is used to transmit all sorts of data, including web page content, from a server to your home computer (or vice versa). Whenever you visit a website your browser sends an HTTP request to that website's server, that then responds to the request and sends you the data that has been requested.

The problem with HTTP however is that it isn't in any way secure. What this means is that if you're sitting in a coffee shop with a Macbook Pro writing your masterpiece autobiography and you decide to take a break and browse around online, then somebody else in the coffee shop can watch everything you do. This may not be a problem if you're just looking up lens-less Raybans, but if you were to try to purchase them over standard HTTP someone could steal the credit card information that you entered. This can also be a problem when sending confidential emails, browsing embarrassing Brony websites, logging into accounts, or using monitored networks. Basically, everything you do online through HTTP can be surveilled by someone else.

*Note: Tor users should always use HTTPS whenever possible, especially when logging into accounts, due to the fact that exit nodes can view and modify your data.

HTTPSecure

Hypertext Transfer Protocol Secure (HTTPS) is what fixes these problems. HTTPS uses the same method of data request and response as HTTP, except it layers it on top of SSL or TLS encryption. This is similar to sending a letter in the mail, in which case HTTP would be the letter and SSL/TLS would be the sealed envelop, preventing anyone from reading it. In the same way that you wouldn't send a letter without an envelope, you shouldn't send data without SSL or TLS. Of course this isn't the perfect analogy, as an envelope can be trivially opened by an adversary, whereas SSL/TLS encryption is far more secure.

HTTPS Everywhere

HTTPS is quite common on the internet. Unfortunately, while many sites may offer HTTPS, many do not enable it by default. Instead, it is often left to the user to explicitly request the use of HTTPS. Also, the HTTPS version of websites may often use links that point to the HTTP version, essentially downgrading your session without you realizing it. This is where HTTPS Everywhere comes in.

Created by the Electronic Frontier Foundation, HTTPS Everywhere is a Firefox and Chrome add-on that enables HTTPS whenever it is available, and fixes those problematic links. The beauty of this is that it stomps all over the misconception that encryption is complicated and cumbersome. All you have to do is install the add-on and a large portion of your data will become encrypted without you ever lifting a finger. This significantly benefits your online privacy, and is something that you could put on your grandmother's computer without her ever noticing.

The add-on can be downloaded from the EFF's website for both Firefox and Chrome.


I personally use NordVPN and Digital Ocean.
Show some love by signing up using my affiliate links:
Or support me directly on Patreon

Help Me Out: Share, Follow, & Comment

Latest Posts

What is Device Fingerprinting?

Learn what browser fingerprinting is and how it canb e used to track you online.

How To Torrent Privately & Anonymously For Free

Learn the pros and cons of using a VPN to torrent, as well as how to use I2P to anonymously torrent for free!

VPN Drop Protection Using Simple Linux Firewall Rules

Learn how to protect against your VPN dropping using these simply Linux firewall rules

Ledger Nano S Review | Why You Need a Bitcoin Hardware Wallet

A review of the Ledger Nano S, and an explanation of why hardware wallets just make life better when using Bitcoin

What is Two Factor Authentication (2FA) And Why Use It?

What 2FA is, why you should use it, and why we need FIDO U2F.

Support The Tin Hat on Patreon!

The Tin Hat now has a few more ways to support the site.

What is a hash?

A simple explanation of what hashing is, and how hashes are used.

Trump's Toolbox | Future Attribute Screening Technology

FAST is a program that attempts to wirelessly detect whether youre a terrorist, and its in Trump's back pocket.

uBlock Origin, The Best AdBlock Alternative

For AdBlock (Plus) alternatives, look no further than uBlock Origin. This tutorial explains why, and how, you should use it.

I2P Browser Setup Tutorial | Using The Tor Browser For I2P

Learn how to browse I2P using the Tor Browser with this short guide

Privacy On Android | 2017 Android Privacy Guide

A tutorial on how to build privacy on your Android device. Learn what you need to do to stay safe and secure.

New I2P Portal For TheTinHat

TheTinHat has moved to a new server, with a new I2P hidden service to accompany it.

Rebranding 'The Dark Net'

Disassociating decentralized networks with the term 'darknets'.

In Defense of Browser-Based Email Encryption

Why I've reversed my opinion on Protonmail and Tutanota

Privacy Focused Blog Platform

A rundown of the tools I use to power my blog, hidden services.

A Lighter-weight Firefox

How I've set up a lightweight, yet still private browser.