In 2009, EFF set out on a long-term mission to encrypt the Web. Our aim was to switch hypertext from insecure HTTP to secure HTTPS. That protection is essential in order to defend Internet users against surveillance of the content of their communications; cookie theft, account hijacking and other web security flaws; and some forms of Internet censorship.
We have made a lot of progress. We began by asking some of the largest sites on the Web, such as Google, Facebook, Twitter and Wikipedia, to start offering HTTPS versions of their sites. We then launched HTTPS Everywhere, a browser extension that would automatically use the secure form of those and other sites.
We know that the benefits of encryption are undermined if there are weaknesses and vulnerabilities in our encryption protocols. Our SSL Observatory and Sovereign Keys projects are intended to make sure that HTTPS and TLS/SSL actually deliver the kinds of security they promise. And we have efforts including the Encrypt the Web Report and the crypto ops mailing list to encourage and assist Web companies to deploy encryption correctly.
As of 2013, HTTPS Everywhere has more than 3 million people using it, and the development branch covers more than ten thousand websites. Large sites like Google have migrated towards HTTPS by default for most purposes. We've made a lot of progress, and protected hundreds of billions of web requests, but there is much more work to do. And we won't rest until it's done.