One of the latest additions to the Google Chrome browser is the ability to force SSL. What this means is that the web browser will only open websites using the https protocol. Connections to insecure websites that only make use of the http protocol will not be initiated. Google Chrome will display the message that the webpage is not available in that case.
Why would someone want to force SSL in the web browser? The answer is easy: To increase security. This is an excellent way to deal with most phishing threats. Phishing sites are currently copying the looks and feels of popular financial sites. What they do not do is to make use of the https protocol, at least in most cases. This means that those phishing pages would not even be opened in Google Chrome as they are not making use of https.
Here is the idea. Create a Google Chrome profile that forces SSL and that is purely used for accessing sensitive sites. This could be PayPal, Gmail, the Bank of America website, or other financial sites and basically any site that is making use of the https protocol.
The ability to force SSL is only available in the latest developer's build of Google Chrome. Read the Google Chrome 2 release announcement article for information on how to obtain a copy.
The force SSL option has to be supplied as a parameter during startup. This can be done by appending --force-https to the Target row in the shortcut's properties.
Does anyone know if there is a similar option for Firefox or Opera?
Update: While still available as a startup parameter in Chrome, users of the web browser can alternatively make use of the excellent HTTPS Everywhere extension to force HTTPS on high priority websites.
For Firefox users reading this, the extension is also available for their browser.
Please note that forcing HTTPS connections may break some sites. Not only sites that do not support that at all, but also mixed-content sites that allow secure connections but load some data using HTTP connections.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.