https everywhere vs host file

Hi, with the release of FaceNiff if i finally want to use https where ever it is possible to use. I hoped for some option within firefox to always use https when avi.. but i couldnt find any. So i checked out the addons and the only one i found was "https everyhwere". The strange thing is, you cant download it from the official addons.mozilla.com site.. so how reliable and secure is it?

Then i thought about modifying the hosts file.

e.g.

is that possible and a good solution?

Thanks

 

just type in with the s? and no you can't modify protocols in your hosts file.

then store the favourites with the https in it. and use those. that's what favourites are for.

 

For a little clarification of what davepermen said... the hosts file only handles DNS, or looking up computer addresses by their name. facebook.com goes to the same place no matter what. HTTP just requests on port 80, and https does port 443.

With THAT said, given that The EFF is behind that extension, I would say it's perfectly safe and probably your best solution. The EFF is very trustworthy.

 

I just changed my favourites. long before the "omg enable secure facebook or everyone will hack your account omgomgrepost!" panic. same for twitter, gmail etc..

why does one exactly need an extension for this? to write an s?

 

hmm i will try out https-everywhere then. i wonder if it even gets auto-updates ?

the reason why favourites wont work is that i use an extension which wont save any history of facebook.com or displays it in the adress bar when writing "face". I use that for some sites (amazon,ebay,...).

 

a) that shouldn't matter to favourites
b) wait, what? .. bah.. people.. people and their paranoias. oh well.

but as said, a). it shouldn't matter to favourites. except if you don't want to have a favourite to the page, too. in which case, again, b)

 

the addon also wont show the favourites.

 

if it doesn't have the option to allow the favourites but not the history, i suggest complaining there / searching another.

or put shortcuts into the startmenu, or on the desktop, or what ever there are lots of ways to have "favourites".

but i would, if i would ever use such an extension, ask the developer for this feature.

 

You do know theres a setting in facebook that makes it always use https

Its under account settings > account security > secure browsing > Tick "Browse Facebook on a secure connection (https) whenever possible"

The only time it will not use https if theres an third party app and even then it will warn you.

 

ye i know about that facebook setting But its not only about facebook.. gernerally i want to use https automatically wherever its possible to use.

 

does the system actually store a history of the https pages? i once thought, it doesn't. which would fix your need to have facebook and co. hidden through an extension in the first place. maybe try that out?

i'm searching for info, it's just some vague memory.

 

i also use that extension to hide sites which don't support https

the addon is use is HistoryBlock (Firefox) and i couldn't find a decent replacement for it yet.

 

there's nothing written about favourites in the description, so it should not delete them.

 

Then you can write a custom 'HTTPS Everywhere' .xml file yourself, in which you add every 'https-site' your hart desires, as described on this (https) EFF page link.