Firefox Users are able to Browse in Encrypted-Only Mode by Using Extension HTTP Nowhere
When Web was created no one thought that it would become such a “highway” of communications and e-commerce, but nowadays it is used exactly for that. It is not the best platform for these activities because the SSL protocol which is used for encoding data it is not secure enough. As a result, internet users are facing a lot of flaws of the internet, which might result in serious damage. Fortunately, Mozilla has introduced a new extension which will solve some of the issues. Due to latest improvement it will accept only HTTPS requests.
This extension is associated with the older EFF’s HTTPS Everywhere plug-in. The latter modification was supported by both Firefox and Google. Due to its activity, the internet browsers were forced to use a secure HTTPS connection if this kind of opportunity was offered by the visited webpage. The new extension is called HTTP Nowhere. Its objectives are similar to the EFF’s HTTPS Everywhere ones, but the approach of these extensions are different. HTTP Nowhere extension was created by Chris Wilper, it guarantees that the internet browser is making and receiving HTTPS requests while the plaintext HTTP requests are always rejected.
The extension provides the user with a button in the browser interface. Pressing the button will set the internet browser to encrypted-only mode. When this feature is activated all unsecure requests during the session will be denied, providing user with information about the denials in real time. This feature is very useful if the user desires extra safety when connecting to a certain webpage.
According to the author of this extension, Chris Wilper, web won’t become fully encrypted in the near future, that’s why such extensions are needed. Users should always know whether their connection is encrypted or not. The internet society needs active tools to increase the security level, not just passive indicators such as visual signs. Although the latter feature is also beneficial, but Wilper thinks it is not enough to greatly impact the internet security.
Wilper also added that this extension should improve users’ self-awareness as they are required to be active participants when using it. The developer describes the HTTP Nowhere as an extra layer of protection, which is capable of blocking all unencrypted traffic. Furthermore, by using this extension users will always be informed which webpages are not providing secure connections.
Although, the extension still has to undergo intense testing, Wipter is confident that even now HTTP Nowhere is providing reliable data. For example, if it is capable of breaking functionality of a secure webpage, the domain is clearly not secure enough. Having in mind that this extension will notify about all denied non-https requests, it might be employed as an auditing tool for webpages.
Firefox is the only browser which supports this extension, but Wilper is hoping that it will be also adapted to Chrome. According to Wilper, there are no big barriers for this to happen. He wishes that a Chrome version would be developed in the near future by him or by any other developer.