HTTPS Everywhere to use DuckDuckGo's Smarter Encryption before reaching End of Life
HTTPS Everywhere by the EFF will switch from using its own rulesets to using rulesets provided by DuckDuckGo's Smarter Encryption technology exclusively.
The browser extension was released in 2010 to switch to encrypted (HTTPS) connections if possible. The extension would try to upgrade connections when users entered domain names, used HTTP, or clicked on HTTP links in the browser.
The extension was upgraded throughout the years, e.g. an update in 2012 introduced weak encryption warnings, another in 2015 added thousands of new sites.
The main idea behind the extension was to improve security by upgrading connections to HTTPS. A list with rulesets was used by the extension up until now for the purpose.
A blog post on the EFF's Deeplinks site reveals that HTTPS Everywhere will switch to the rulesets of DuckDuckGo's Smart Encryption feature before it will reach End of Life eventually.
Smarter Encryption uses an automated approach for building its rulesets, and that sets it apart from the HTTPS Everywhere way of manually adding rules. Since it covers more sites, it will upgrade more connections to HTTPS when used.
The EFF published a plan to phase out HTTPS Everywhere rulesets. The main takeaway is that its rulesets will be retired in late 2021 to give partners and downstream channels enough adjusting time. DuckDuckGo's rulesets are supported in the latest version already.
More serious than the switching to the different rulesets is that the EFF has plans to retire HTTPS Everywhere eventually. A date has not been determined yet according to the makers, but it won't be announced before the old rulesets are retired.
Why is HTTPS Everywhere being retired?
The web is moving towards HTTPS-only rapidly, but this is only part off the reason. The main arguments for the decision are the following ones:
- DuckDuckGo's Smarter Encryption supports more domains than the HTTPS Everywhere model.
- Firefox supports an HTTPS-Only mode.
- Chrome starts to redirects requests to HTTPS first when typed in the address bar.
- Mixed content is blocked in major browsers.
- The use of different domains for HTTPS content is used less and less on the web.
- Chrome's Manifest V3 has a rulesets cap, and the EFF does not want to "create confusion for users on "who to choose" when it comes to getting the best coverage.
- Users may switch to DuckDuckGo's Privacy Essentials or a browser that supports HTTPS-Only mode once HTTPS Everywhere is retired.
Closing Words
HTTPS Everywhere remains available throughout 2021 at the very least. While the old ruleset will be turned off eventually, it will be replaced by another that may do its job even better. Eventually, HTTPS Everywhere will be retired. Users may switch to Firefox's excellent HTTPS-Only mode then, which tries HTTPS first always but comes with prompts to downgrade the connection if HTTPS is not working, or DuckDuckGo's Privacy Essentials extension.
Now You: do you use HTTPS Everywhere?
Doesn’t Windows 8 know that www. or http:// are passe ?
Well it is a bit difficulty to distinguish between name.com domains and files for instance.
I know a service made by google that is similar to Google bookmarks.
http://www.google.com/saved
@Ashwin–Thankful you delighted my comment; who knows how many “gamers” would have disagreed!
@Martin
The comments section under this very article (3 comments) is identical to the comments section found under the following article:
https://www.ghacks.net/2023/08/15/netflix-is-testing-game-streaming-on-tvs-and-computers/
Not sure what the issue is, but have seen this issue under some other articles recently but did not report it back then.
Omg a badge!!!
Some tangible reward lmao.
It sucks that redditors are going to love the fuck out of it too.
With the cloud, there is no such thing as unlimited storage or privacy. Stop relying on these tech scums. Purchase your own hardware and develop your own solutions.
This is a certified reddit cringe moment. Hilarious how the article’s author tries to dress it up like it’s anything more than a png for doing the reddit corporation’s moderation work for free (or for bribes from companies and political groups)
Almost al unlmited services have a real limit.
And this comment is written on the dropbox article from August 25, 2023.
First comment > @ilev said on August 4, 2012 at 7:53 pm
For the God’s sake, fix the comments soon please! :[
Yes. Please. Fix the comments.
With Google Chrome, it’s only been 1,500 for some time now.
Anyone who wants to force me in such a way into buying something that I can get elsewhere for free will certainly never see a single dime from my side. I don’t even know how stupid their marketing department is to impose these limits on users instead of offering a valuable product to the paying faction. But they don’t. Even if you pay, you get something that is also available for free elsewhere.
The algorithm has also become less and less savvy in terms of e.g. English/German translations. It used to be that the bot could sort of sense what you were trying to say and put it into different colloquialisms, which was even fun because it was like, “I know what you’re trying to say here, how about…” Now it’s in parts too stupid to translate the simplest sentences correctly, and the suggestions it makes are at times as moronic as those made by Google Translations.
If this is a deep-learning AI that learns from users’ translations and the phrases they choose most often – which, by the way, is a valuable, moneys worthwhile contribution of every free user to this project: They invest their time and texts, thereby providing the necessary data for the AI to do the thing as nicely as they brag about it in the first place – alas, the more unprofessional users discovered the translator, the worse the language of this deep-learning bot has become, the greater the aggregate of linguistically illiterate users has become, and the worse the language of this deep-learning bot has become, as it now learns the drivel of every Tom, Dick and Harry out there, which is why I now get their Mickey Mouse language as suggestions: the inane language of people who can barely spell the alphabet, it seems.
And as a thank you for our time and effort in helping them and their AI learn, they’ve lowered the limit from what was once 5,000 to now 1,500…? A big “fuck off” from here for that! Not a brass farthing from me for this attitude and behaviour, not in a hundred years.
When will you put an end to the mess in the comments?
Ghacks comments have been broken for too long. What article did you see this comment on? Reply below. If we get to 20 different articles we should all stop using the site in protest.
I posted this on [https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/] so please reply if you see it on a different article.
Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to
Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to