Privacy On The Web - Part 2
I continue to explore my personal and business cyber-security needs as I have time. It has been awhile since my last post for this series, so I thought it prudent to provide an update.
In my first post, I mentioned that I planned on using Google Chrome as my “less secure” browser. I also indicated that I planned to modify Firefox for use as a “more secure” browser.
The fact is, as you make your browsing experience more secure, you may also slow it down. By the approach I have taken, I hope to be fast when I want fast, and secure when I want secure.
I am currently using Chrome relatively unmodified as far as tracking is concerned. Just my personal opinion, but I believe this is part of the bargain I have with Google. They provide gmail, photos, gdrive, gsuite, analytics, and a host of other products and services without cash outlay from me. In return, I allow them to use my experience to fine-tune their products; to create new products; and to make money from advertisers. This is how I compensate Google for the products I am provided.
On the other hand, that doesn’t mean I can’t improve my security in this situation. One of the products I have found is HTTPS Everywhere. This is a product from the Electronic Frontier Foundation (EFF). They have extensions for Chrome, Firefox, and Opera browsers (go to https://www.eff.org/https-everywhere).
For those of you who don’t know, HTTP is notoriously insecure for entering data. HTTPS, on the other hand, encrypts your data entry to make it more difficult for snoopers to read your entry as it makes its way from your computer to the web server you are visiting.
Here are some pros and cons of using HTTPS Everywhere.
PROS:
- HTTPS Everywhere is free and open source. It basically works to rewrite your website requests (for instance, when you click a search engine link) from HTTP to HTTPS.
- The websites you visit should be more secure, in terms of data you submit.
- If you believe HTTPS Everywhere causes a particular webpage to “break” or look odd, you can disable it by simply clicking a button to the right of your address bar (a blue box containing a white “S”).
CONS:
- According to the “Important Note” from EFF found on the Chrome Web Store product link, HTTPS Everywhere is “in beta.” This means it is still being developed and tested, but is available for use. You should read the rest of this “Important Note,” as well as the FAQs found at the eff.org link included above, before deciding to use the beta version of this product.
- HTTPS encryption protection can be defeated, given the right tools, expertise, and determination. Tony Perez wrote a very good article on this subject.
- According to the Chrome Web Store reviews, some users report excessive memory utilization by this product.
I have just begun trying HTTPS Everywhere to see how it works for me (on both Chrome and Firefox browsers, and on both Windows and Linux machines). If I find similar products elsewhere, I will also consider them.
One thing to note: there is no single product that will make your cyber-presence more secure. It is a matter of layering -- just as you may have locks AND a security system for your vehicle or your home. And just as with your physical security, no precaution is going to deter or defeat all bad guys in the cyber world. Your best hope is to narrow the threats to the seriously determined and the professionals.
I’ll post again when I have more to report. Meanwhile, let me know if you have any questions or constructive comments that I should factor into my exploration and my next post.