Lately, HTTP hijacking had received much attention with the release of Firefox extension Firesheep. Thankfully, Electronic Frontier Foundation (EFF) is on the rescue to protect users from these kind of exploits.
EFF had recently updated HTTPS Everywhere in response to Firesheep’s growing popularity. It included numerous anti-Firesheep improvements and it also provided more protection by default.
It added support for Amazon S3, Bit.ly, Cisco, Dropbox, Evernote, and GitHub.
With this latest release of HTTPS Everywhere, users are advised to do additional steps in order to get maximum Firesheep protection. Quoting EFF, here’s what you need to do:
- Turn on the “Facebook+” rule. You can do that in the Tools->Add Ons->HTTPS Everywhere->Preferences menu. It isn’t on by default, because it can cause Facebook Apps to raise errors. We’re still waiting for Facebook to fix this, and thechat problem :(.
- Install the Adblock Plus Firefox extension too, and use it to block the insecure http:// adds and trackers that Facebook (and other sites) sometimes include.
More important in this release is its support for Firefox 4 API which makes it compatible with the latest beta release of Firefox.