HTTPS Everywhere, the Electronic Frontier Foundation's browser add-on that forces encrypted connections to sites that have the option, has just hit 1.0, 13 months after its first public beta. By using HTTPS Everywhere, you can protect your browsing habits from being peeked at by people on your network and by your ISP, as well as protecting potentially valuable login credentials. I use it.
"HTTPS secures web browsing by encrypting both requests from your browser to websites and the resulting pages that are displayed," said EFF Senior Staff Technologist Peter Eckersley. "Without HTTPS, your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking. Today's Paxfire revelations are a grand example of how things can go wrong. EFF created HTTPS Everywhere to make it easier for people to keep their user names, passwords, and browsing histories secure and private. With the revelation that companies like Paxfire are out there, intercepting millions of people's searches without their permission, this kind of protection is indispensable."
HTTPS Everywhere 1.0 encrypts connections to Google Image Search, Flickr, Netflix, Apple, and news sites like NPR and the Economist, as well as dozens of banks. HTTPS Everywhere also includes support for Google Search, Facebook, Twitter, Hotmail, Wikipedia, the New York Times, and hundreds of other popular websites.
It's true -- and regrettable -- that BB doesn't have HTTPS options for its readers yet. It's something that we've talked about a lot, but the costs associated with it are substantial, as it's much more processor-intensive than serving pages without encrypting them, and we often seem to be at the limits of our existing hardware. We're always investigating the possibility, and I really hope we'll be SSL-enabled soon.