3. Time to stop recommending HTTPS Everywhere?

Time to stop recommending HTTPS Everywhere?

Johnny assumes HTTPS Everywhere automatically switches sites to HTTPS when available.

Probably

So when he hits a login over HTTP he shrugs and says "I guess they don't have HTTPS" and fills in the login anyway.

Maybe he assumes that that page is not aviable in https. But if he transferes a password unencrypted, that is his fault, and his fault alone.

Johnny realizes that more and more, with HTTPS Everywhere installed he doesn't need to worry about the lock icon in the URL bar.

No. Why would that happen? It's still there, still very visible and just as important. If you installed https everywhere I'd assume you care about this more than the average user.

After all, if HTTPS is available HTTPS Everywhere will automatically switch him over, and if it isn't, there is nothing he can do about it anyway.

This is true in most cases. But assuming that this makes it less important is just wrong.

Are webmasters really going to jump through hoops to make a ruleset for HTTPS Everywhere, when it's probably easier for them to make their site HTTPS default (and use HSTS/HPKP etc) which help everyone (not just users of a specific addon).

HTTPS everywhere is not a tool for webmasters. It's a tool for users that are ignored by webmasters.

/r/privacytoolsIO Thread
Previous
Next

Recently removed from /r/privacytoolsIO

Facebook responsible for 94% of 69 million child sex abuse images reported by US tech firms. In epic hack, Signal developer turns the tables on forensics firm Cellebrite Encryption Has Never Been More Essential—or Threatened Best Browser for iOS? What's the best way to start having privacy? I need your help What setup do you guys have to enhance your online privacy and security? Intel ME sniffing Starting with Linux Recommendations for an offline desktop program for journalling GrapheneOS vs. LineageOS: Anti-Google, and at What Cost? Is MalwareBytes great for privacy? Also, any must have Android apps? SynthPass: A free, open-source password manager designed to solve all the problems of other password managers Secure service for syncing contact/calendar entries on Android? Has anyone ever heard of "Blockstack Web Browser" or any other browsers similar to it?

More Random Comments

Why is there a dialysis-related proposition every election? Nurses, please do right by your PCTs/Aides Do you give unsolicited advice? A dendro core a day keeps Il Dottore away - General Discussion and Questions Thread What are your closet staples? The things everyone should have in their closet. Ontario transgender teacher sparks controversy by wearing giant prosthetic breasts in class Reddit loves justice videos of women getting hit Software company I work for announced an in-office mandate effective immediately without asking workers their opinions. I replied to a pro-remote work article someone posted and now have to talk to HR, the COO, and my boss on Monday What is the dumbest thing people actually thought is real? [M4F] Being turned into a free use guy for my family (Longer description in comments :) ) I AM SO PISSED OFF! Feds arrest Forex fraudster for $1M scam (Notice the alias is connected with other ongoing forex operations) Im madly in love with a friend and I don't know what to do Beware of any Investment Ads or "Testimonials" you see on Facebook, Twitter, or Instagram - More than 95% are proven scams or alias "bait ads" for sophisticated frauds and/or identity theft. What is your crypto investing strategy?