#httpseverywhere — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #httpseverywhere, aggregated by home.social.
-
If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
-
If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
-
If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
-
If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
-
If I use #httpseverywhere, is there any reason to use a #VPN? #privacy #infosec
-
HTTP or HTTPS?
I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...
Is there any good reason *not* to use HTTPS?
-
HTTP or HTTPS?
I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...
Is there any good reason *not* to use HTTPS?
-
HTTP or HTTPS?
I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...
Is there any good reason *not* to use HTTPS?
-
HTTP or HTTPS?
I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...
Is there any good reason *not* to use HTTPS?
-
HTTP or HTTPS?
I'm building a new static website, minimalist design etc, mostly about my hobbies and interests. Although, who knows, maybe in the future I will cover more controversial topics ...
Is there any good reason *not* to use HTTPS?
-
Maybe noteworthy to some:
If you see "https-rulesets.org" in your #DNS logs going forward, there's a #browser somewhere on your network that needs attention.
The #HTTPSEverywhere browser extension, which was retired a couple years ago by EFF, periodically checked "https-rulesets.org" for updates. That domain expired this week and got snatched up by a squatter. I don't think it resolved at all for most of 2024 and nothing should be querying it now.
-
Maybe noteworthy to some:
If you see "https-rulesets.org" in your #DNS logs going forward, there's a #browser somewhere on your network that needs attention.
The #HTTPSEverywhere browser extension, which was retired a couple years ago by EFF, periodically checked "https-rulesets.org" for updates. That domain expired this week and got snatched up by a squatter. I don't think it resolved at all for most of 2024 and nothing should be querying it now.
-
Maybe noteworthy to some:
If you see "https-rulesets.org" in your #DNS logs going forward, there's a #browser somewhere on your network that needs attention.
The #HTTPSEverywhere browser extension, which was retired a couple years ago by EFF, periodically checked "https-rulesets.org" for updates. That domain expired this week and got snatched up by a squatter. I don't think it resolved at all for most of 2024 and nothing should be querying it now.
-
Maybe noteworthy to some:
If you see "https-rulesets.org" in your #DNS logs going forward, there's a #browser somewhere on your network that needs attention.
The #HTTPSEverywhere browser extension, which was retired a couple years ago by EFF, periodically checked "https-rulesets.org" for updates. That domain expired this week and got snatched up by a squatter. I don't think it resolved at all for most of 2024 and nothing should be querying it now.
-
This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. :seija_coffee:
The #LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.
RE: https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/ -
This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. :seija_coffee:
The #LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.
RE: https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/ -
This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. :seija_coffee:
The #LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.
RE: https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/ -
This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. :seija_coffee:
The #LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.
RE: https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/ -
This push for #HTTPSEverywhere would've been perfectly fine if it just focused on #HTTPS / #TLS / #SSL as an option always available. But no, it also pushed for it to be mandatory (even if it doesn't make sense if you look at the #threatmodel), and as a result pretty much everything in the #web cannot be accessed with a #browser that doesn't have an up-to-date enough TLS support. Which is fine I guess if you're on a modern computer anyway, but a pain if you're on #retrocomputing. :seija_coffee:
The #LetsEncrypt #centralization is also a serious concern, which is why I avoided using it for my #VPS.
RE: https://hamishcampbell.com/a-balanced-and-pragmatic-approach-to-native-openweb-security/ -
@workingclassgames or even better: Use @torproject #TorBorwser so #Tracking and #Ads are pointless!
Because it is @[email protected] #Firefox but with #uBlockOrigin, #HTTPSeverywhere and #NoScript already integrated and working fine...
-
@workingclassgames or even better: Use @torproject #TorBorwser so #Tracking and #Ads are pointless!
Because it is @mozilla #Firefox but with #uBlockOrigin, #HTTPSeverywhere and #NoScript already integrated and working fine...
-
@workingclassgames or even better: Use @torproject #TorBorwser so #Tracking and #Ads are pointless!
Because it is @mozilla #Firefox but with #uBlockOrigin, #HTTPSeverywhere and #NoScript already integrated and working fine...
-
Recommened Firefox/Chrome Add-ons
#decentraleyes #ublockorigin #httpseverywhere #privacybadger #noscript #firefox #Fennec #google #chrome #ublock #web #browser
-
Recommened Firefox/Chrome Add-ons
#decentraleyes #ublockorigin #httpseverywhere #privacybadger #noscript #firefox #Fennec #google #chrome #ublock #web #browser
-
Recommened Firefox/Chrome Add-ons
#decentraleyes #ublockorigin #httpseverywhere #privacybadger #noscript #firefox #Fennec #google #chrome #ublock #web #browser
-
Recommened Firefox/Chrome Add-ons
#decentraleyes #ublockorigin #httpseverywhere #privacybadger #noscript #firefox #Fennec #google #chrome #ublock #web #browser
-
Recommened Firefox/Chrome Add-ons
#decentraleyes #ublockorigin #httpseverywhere #privacybadger #noscript #firefox #Fennec #google #chrome #ublock #web #browser
-
I wonder how many companies have gone out of business simply because they didn't use https for their websites.
-
I wonder how many companies have gone out of business simply because they didn't use https for their websites.
-
I wonder how many companies have gone out of business simply because they didn't use https for their websites.
-
I wonder how many companies have gone out of business simply because they didn't use https for their websites.
-
I wonder how many companies have gone out of business simply because they didn't use https for their websites.
-
DYN that by default #Azure #functions do not enforce #HTTPS only? Rather you must configure HTTP to redirect to HTTPS.
Also, interestingly enough I found this factoid in an Azure Docs section on VNet integration.
#httpseverywhere #appsec #security #cybersecurity #cloudsecurity
-
DYN that by default #Azure #functions do not enforce #HTTPS only? Rather you must configure HTTP to redirect to HTTPS.
Also, interestingly enough I found this factoid in an Azure Docs section on VNet integration.
#httpseverywhere #appsec #security #cybersecurity #cloudsecurity
-
@questionable_ole #uBlockOrigin is a must, and I'll also shill for #NoScript, #HTTPSEverywhere, and #Bitwarden. #FacebookContainer is also good if you use #Meta services.
-
Setting up #mastodon has gotten me to get my #email working. I've kinda been procrastination about it.
I've got everything working fine until I got to #dovecot it's saying my #ssl #certificate is bad. It's a #httpseverywhere cert, so it should be good. Works on my browser.
Help?
-
Setting up #mastodon has gotten me to get my #email working. I've kinda been procrastination about it.
I've got everything working fine until I got to #dovecot it's saying my #ssl #certificate is bad. It's a #httpseverywhere cert, so it should be good. Works on my browser.
Help?
-
La morte di Peter Eckersley, il fondatore di Let's Encrypt, ha sconvolto gli informatici di tutto il mondo
https://poliverso.org/display/0477a01e-1563-135b-73bf-c39316965916
-
La morte di Peter Eckersley, il fondatore di Let's Encrypt, ha sconvolto gli informatici di tutto il mondo
https://poliverso.org/display/0477a01e-1563-135b-73bf-c39316965916
-
La morte di Peter Eckersley, il fondatore di Let's Encrypt, ha sconvolto gli informatici di tutto il mondo
https://poliverso.org/display/0477a01e-1563-135b-73bf-c39316965916
-
#DecentralEyes pretends to improve the privacy by replacing some common JS libraries served through CDNs with locally stored copies. Not really sure how important the effect is (e.g. what fraction of all CDN requests is blocked this way), but it never broke any site for me, hence why not?
#HTTPSEverywhere ensures that all sites supporting SSL connection do actually use it. A few years ago I took care to write the rules for my favorite sites myself. Now everything works mostly out of box.
-
#DecentralEyes pretends to improve the privacy by replacing some common JS libraries served through CDNs with locally stored copies. Not really sure how important the effect is (e.g. what fraction of all CDN requests is blocked this way), but it never broke any site for me, hence why not?
#HTTPSEverywhere ensures that all sites supporting SSL connection do actually use it. A few years ago I took care to write the rules for my favorite sites myself. Now everything works mostly out of box.
-
Auf dem Handy habe ich browserunabhängig #Blokada, #Warden, #UntrackMe und #AFWall.
In Fennec #ublockorigin, #httpseverywhere, #decentraleyes und #bitwarden.
Die Geräte von Frau und K1 sind genauso eingerichtet.
Eine Zeitlang hatte ich noch #Shelter am laufen aber das hat irgendwann Probleme verursacht... Ich weiß nur leider nicht mehr, welche. :-/
-
Auf dem Handy habe ich browserunabhängig #Blokada, #Warden, #UntrackMe und #AFWall.
In Fennec #ublockorigin, #httpseverywhere, #decentraleyes und #bitwarden.
Die Geräte von Frau und K1 sind genauso eingerichtet.
Eine Zeitlang hatte ich noch #Shelter am laufen aber das hat irgendwann Probleme verursacht... Ich weiß nur leider nicht mehr, welche. :-/
-
@tinyrabbit @downey ATM I see that #HTTPSEverywhere hogs ~102mb RAM, WTF. /cc @eff
-
@tinyrabbit @downey ATM I see that #HTTPSEverywhere hogs ~102mb RAM, WTF. /cc @eff
-
FEDI SECURITY ISSUE (please boost)
When we attempted to access a page at fediverse.party recently, we were served a page with an insecure connection, this is despite using #TorBrowser, which supposedly has #HttpsEverywhere?
So does anyone know what is going on here? Is fediverse.party susceptible to a #downgradeAttack?
Please boost so we can get to the bottom of it.
-
Thanks to all the developers working on #FreeSoftware #Security at #ClamAv, #GnuPG, #PrivacyBadger, #HTTPSEverywhere, #UBlockOrigin and many other groups who enable users to #StayConnected in a safe way - #ilovefs
@eff -
Thanks to all the developers working on #FreeSoftware #Security at #ClamAv, #GnuPG, #PrivacyBadger, #HTTPSEverywhere, #UBlockOrigin and many other groups who enable users to #StayConnected in a safe way - #ilovefs
@eff