HTTPS Everywhere is a free Firefox extension–the EFF would like to do it for other browsers but says it’s not possible without source code–that forces the browser to use HTTPS (SSL-encrypted) connections whenever possible. This isn’t foolproof security–HTTPS is vulnerable to man-in-the-middle attacks–but it forces an attacker to do more work in order to snoop on your web traffic.
If you spend a lot of time on public wi-fi networks, this is the bare minimum you should do to protect yourself.
I need to remember to write up an explanation later this week of how SSL is vulnerable to man-in-the-middle attacks. But it’s better than nothing, and there’s nothing wrong with using it as additional protection even when you’re on a safe network.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.