SaferChrome Protects Chrome Users Against Man In The Middle Attacks, Improves Security - gHacks Tech News

SaferChrome Protects Chrome Users Against Man In The Middle Attacks, Improves Security

Internet users who connect to the Internet out of a computer network have to be very careful about the data they send and receive, and how they do that. The Firefox add-on Firesheep was definitely not the first program to show how easy it is to record data from other users of the network but it brought the issue to a wider audience.

One of the biggest issues can be brought down to the following four words: Http bad, https good. Most web connections are http connections which is fine as long as no important or private data is transferred. Data in this regard can be anything from username and passwords to financial documents or a private message to a friend at a website.

Users in the same network can spy on the traffic but only if the connections are made via http. Https connections on the other hand are encrypted which more or less protects the information from man in the middle attacks and users in the same network.

SaferChrome is a security extension for Chrome that aids the user by offering additional protection against man in the middle attacks. The extension notifies the user whenever login information will be sent in the clear.

This helps detecting site that don't use SSL or use it incorrectly. It also helps preventing SSL strip attack that rewrite the form action to trick you into sending your password over HTTP rather than HTTPS.

The extension displays a warning notification at the top and an icon in the address bar. A click on the icon opens a detailed report about the website and the problems the extension has detected.

safer chrome

The extension furthermore offers to redirect http traffic to https. This may not work on all sites but can be easily undone.

insecure content

Users who visit websites with problems have the option to force https to see if this resolves the security issue or contact the webmaster manually to request that it will be fixed. The extension helps users identify websites with improper security.

Safer Chrome is available for download at the Chrome repository.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. milithruldur said on January 15, 2011 at 5:07 pm
    Reply

    This is nice, especially if you consider other sites that does not serve all web objects via https, either because of third-party includes that doesn’t provide nor support https versions, or just bad server configuration.

    Using this extension one can see what particular web objects are not covered via https. Especially helpful when sending form data that may sometimes be sent via unsecured connections, even though the form itself is secured.

    /m

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.