Results 1 to 6 of 6
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Derby, United Kingdom
    Posts
    14
    Thanks
    7
    Thanked 0 Times in 0 Posts
    In the 28/10/2010 issue of Windows Secrets Newsletter Robert Vamosi recommends the Firefox "Force-TSL" Add-on to force the use of HTTPS where available.
    I have been using "HTTPS Everywhere", which appears to serve the same or a very similar purpose.

    Can other Loungers advise me if these do in fact serve the same purpose, or if they are complementary?

    If they serve the same purpose, which Add-on would you recommend?
    PFV

  2. #2
    3 Star Lounger
    Join Date
    Sep 2010
    Location
    Yarra Glen, Victoria, Australia
    Posts
    213
    Thanks
    0
    Thanked 38 Times in 24 Posts
    I'm not sure of how these add-ons interact, but am currently running both of them in FF 3.6.12, without any apparent ill effects. Any comments, anyone?

  3. #3
    Lounger
    Join Date
    Dec 2009
    Location
    Phoenix, AZ
    Posts
    29
    Thanks
    1
    Thanked 1 Time in 1 Post
    As I understand it, they both force all interaction with sites to us secure protocols. Seems like unless you can turn them on by site, you are adding a lot of unnecessary overhead. Most sites you visit have no need for encrypted transactions. But if your speed is still acceptable, go for it.

    I am not that familiar with them but it is hard to imagine any advantage to running both if they indeed do the same thing.

  4. #4
    New Lounger
    Join Date
    Feb 2010
    Location
    albany, ny
    Posts
    15
    Thanks
    0
    Thanked 0 Times in 0 Posts
    They are both partial solutions, so it is arguable if they are worth the trouble. Basically, some websites support both HTTP and HTTPS access. Each extension aims to insure when you using such a site you always use the HTTPS secure side. But many sites don't support HTTPS everywhere on the site, some don't support it at all and others only support it for parts of the site.

    A VPN is the only solution that is full, total and complete. It protects everything.

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by Michael Horowitz View Post
    A VPN is the only solution that is full, total and complete. It protects everything.
    We should add an asterisk to that:

    * While the communication is in the VPN tunnel between your device and the VPN service provider. Once it leaves the tunnel, it likely is out on the open internet, so there still is a role for HTTPS for sensitive communications (e.g., banking).

  6. #6
    Gold Lounger Roderunner's Avatar
    Join Date
    Dec 2009
    Location
    Scotland.
    Posts
    3,462
    Thanks
    16
    Thanked 216 Times in 183 Posts
    O wad some Power the giftie gie us, to see oursels as ithers see us!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •