<
div class=”field field–name-body field–type-text-with-summary field–label-hidden”>
<
div class=”field__items”>
<
div class=”field__item even”>
At the start of 2023, we sunsetted the HTTPS Everywhere web extension. It encrypted browser communications with websites and made sure users benefited from the protection of HTTPS wherever possible. HTTPS Everywhere ended because all major browsers now offer the functionality to make HTTPS the default. This is due to the grand efforts of the many technologists and advocates involved with Let’s Encrypt, HTTPS Everywhere, and Certbot over the last 10 years.
The immense impact of this “Encrypt the Web” initiative has translated into default “security for everybody,” without each user having to take on the burden of finding out how to enable encryption. The “hacker in a cafe” threat is no longer as dangerous as it once was, when the low technical bar of passive network sniffing of unencrypted public WiFi let bad actors see much of the online activity of people at the next table. Police have to work harder as well to inspect user traffic. While VPNs still serve a purpose, they are no longer necessary just to encrypt your traffic on the web.
“The Last Mile”
Firefox reports that over 80% of the web is encrypted, and Google reports 95% over all of its services. The last 5%-20% exists for several reasons:
- Some websites are old and abandoned.
- A small percentage of websites intentionally left their sites at HTTP.
- Some mobile ecosystems do not use HTTPS by default.
- HTTPS may still be difficult to obtain for accessibility reasons.<
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from DeeplinksRead the original article: