Skip to main content
Podcast Episode: Chronicling Online Communities

Computer security and the lack of computer security is a fundamental issue that underpins much of how the Internet does (and doesn't) function. Many of the policy issues that EFF works on are linked to security in deep ways including privacy and anonymity, DRM, censorship, and network neutrality.

EFF works directly on a wide range of security issues including increased deployment of cryptographic protocols through projects like Certbot; improving the security of those protocols; offering legal assistance to researchers through our Coders' Rights Project; offering practical security advice to activists through the surveillance self-defense project; and working on the development of new security standards.

Security Highlights

vintage keys in a web of nodes

Encrypting the Web

The web has largely switched from non-secure HTTP to the more secure HTTPS protocol. All web servers use one of these two protocols to get web pages from the server to your browser. HTTP has serious problems that make it vulnerable to eavesdropping and content hijacking. HTTPS fixes most of...

Coders' Rights Project

EFF's Coders' Rights Project protects programmers and developers engaged in cutting-edge exploration of technology. Security and encryption researchers help build a safer future for all of us using digital technologies, but too many legitimate researchers face serious legal challenges that prevent or inhibit their work. These challenges come from laws...

Security Updates

vintage keys in a web of nodes

FTC to Internet Companies: Start Using SSL

HTTPS is the backbone of web security. The protocol, which is also commonly known as the Secure Sockets Layer (SSL), is what guarantees we can use the web to transmit sensitive information — financial, medical, or other — with relative confidence that it won't be intercepted or stolen. EFF...

vintage keys in a web of nodes

Gmail Takes the Lead on Email Security

Last night, Google announced that Gmail sessions will now be fully encrypted with HTTPS by default. This is excellent news — EFF congratulates Google for taking this significant step to safeguard their users' privacy and security.Previously, it was possible to encrypt your access to Gmail, but it required...

Google Considering More HTTPS, Other Services to Follow?

Earlier this week, privacy and security researchers urged Google to improve the security of Gmail, Google Docs, and Google Calendar by enabling the more secure HTTPS encryption by default. As it stands, all users currently log in to Google services over HTTPS. However, most conduct the remaining bulk of...

Pages

Back to top

JavaScript license information