February 29, 2012 | By Peter Eckersley

HTTPS Everywhere & the Decentralized SSL Observatory

Earlier this week we released version 2.0.1 of HTTPS Everywhere for Firefox, and also, a new beta version for Chrome! You can install HTTPS Everywhere here:

(Firefox 2.0.1 Download)

Firefox users will find a number of improvements in version 2.0. In addition to support for four hundred more sites, a crisper user interface, and translation into a dozen languages, there is a new optional feature called the Decentralized SSL Observatory. It detects and warns about security vulnerabilities as you browse the Web. Firefox users can turn on this setting from the Tools->HTTPS Everywhere->SSL Observatory Preferences menu, or from the HTTPS Everywhere toolbar button, which looks like this:

Screenshot of HTTPS Everywhere Firefox toolbar button

In that Preferences page, check the box marked "Use the Observatory":

Screenshot of SSL Observatory preferences

If you turn on this feature, it will send anonymous copies of certificates for HTTPS websites to EFF's SSL Observatory database, which will allow us to study them and detect problems with the web's cryptographic and security infrastructure. The Decentralized SSL Observatory is also capable of giving real-time warnings about these problems.

At the moment, the Observatory will give warnings if you connect to a router, VPN, firewall or similar device that has an insecure private key due to the random number generator vulnerabilities that were recently discovered by two teams of researchers, using data from the SSL Observatory and other sources. We will be adding more kinds of certificate and key auditing to the Decentralized Observatory in the future.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Happening now: TPP negotiators trading away our digital rights in the backrooms of a luxury hotel in Maui. https://eff.org/r.zr7c

Jul 28 @ 6:11pm

We're calling on the Copyright Office to ask USTR to re-think its copyright term proposals in TPP. Join us: https://eff.org/r.4etj

Jul 28 @ 4:41pm

Ethiopian PM Desalegn promised reform, but the country has a long way to go on civil liberties: https://eff.org/r.rl7b

Jul 28 @ 3:37pm
JavaScript license information