Archive for October 26th, 2010

HTTPS: Making more use of SSL

Tuesday, October 26th, 2010

There has been a lot of talk about how more and more people are using their laptops on public wifi connections, and with the advent of the Firesheep plugin, there has been a number of scares around session hijacking, and unencrypted login details being sent through the ether.

As a result, I thought I would describe the steps I have taken in securing my Firefox instance on my laptop. These are :

  • Installing the HTTPS Everywhere plugin from the eff, which attempts to select https if available when accessing a site. I have tested it with Facebook, Google, Hotmail, LinkedIn and a few other sites
  • I have set my homepage to be encrypted.google.com
  • I have changed the search engine in top right hand of my Firefox instance to use the encrypted google service, by installing their plugin
  • I have set a master password on my Firefox keychain, which gives my stored passwords some level of protection
  • And I run Adblocking software, (with a custom Facebook Like Button blocking extension) as per an earlier blog post

Furthmore, I use Firefox as my main browser, I have chrome installed, but I hardly ever use it, and I have a locked down, stateless Safari instance which I wrote about earlier.