February 29, 2012 | By Peter Eckersley

HTTPS Everywhere & the Decentralized SSL Observatory

Earlier this week we released version 2.0.1 of HTTPS Everywhere for Firefox, and also, a new beta version for Chrome! You can install HTTPS Everywhere here:

(Firefox 2.0.1 Download)

Firefox users will find a number of improvements in version 2.0. In addition to support for four hundred more sites, a crisper user interface, and translation into a dozen languages, there is a new optional feature called the Decentralized SSL Observatory. It detects and warns about security vulnerabilities as you browse the Web. Firefox users can turn on this setting from the Tools->HTTPS Everywhere->SSL Observatory Preferences menu, or from the HTTPS Everywhere toolbar button, which looks like this:

Screenshot of HTTPS Everywhere Firefox toolbar button

In that Preferences page, check the box marked "Use the Observatory":

Screenshot of SSL Observatory preferences

If you turn on this feature, it will send anonymous copies of certificates for HTTPS websites to EFF's SSL Observatory database, which will allow us to study them and detect problems with the web's cryptographic and security infrastructure. The Decentralized SSL Observatory is also capable of giving real-time warnings about these problems.

At the moment, the Observatory will give warnings if you connect to a router, VPN, firewall or similar device that has an insecure private key due to the random number generator vulnerabilities that were recently discovered by two teams of researchers, using data from the SSL Observatory and other sources. We will be adding more kinds of certificate and key auditing to the Decentralized Observatory in the future.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Pls plan to call your House Rep Monday, "vote no FCC privacy repeal" If your rep is Republican, ask 5 friends too https://eff.org/gopp

Mar 24 @ 4:18pm

A loophole in Australia's copyright safe harbor rules will stay open, endangering local user-generated content sites https://www.eff.org/deeplinks...

Mar 24 @ 1:37pm

In all, @agcrocker addressed the appeals court on NSLs for more than 25 minutes. Here's the full recording. https://youtu.be/ccS06CFkZ5M

Mar 24 @ 1:09pm
JavaScript license information