The Mozilla Foundation is starting the operations to phase the HTTP connections in the Firefox browser according to “encrypt the Web” movement.
According to roadmap defined by the Mozilla Foundation, the organization has started the process to move toward full HTTPS enforcement in Firefox browser
In November 2014 the Electronic Frontier Foundation (EFF) and other firms, including Cisco, Mozilla, Akamai, Identrust launched a new organization called Let’s Encrypt with help from researchers at the University of Michigan.
The organization will provide free HTTPS certificates to every website that will move to HTTPs.
The announcement of Mozilla is very important considering that its Firefox product accounts for between 12 and 22 percent of the browser market share if we count the different versions.
Mozilla still hasn’t provided any indication on the timeline for the exclusive adoption of the HTTPs protocol. The only news available on the roadmap is that Firefox will provide a date for the full adoption of HTTPS connections and that once defined this date the organization will begin making existing features incompatible with insecure HTTP websites.
The expert considers the path very complicated because Mozilla will have to cut off existing features for HTTP connections gradually.
“We’re also already considering softer limitations that can be placed on features when used by non-secure sites,” explained security lead Richard Barnes. “For example, Firefox already prevents persistent permissions for camera and microphone access when invoked from a non-secure website. There have also been some proposals to limit the scope of non-secure cookies.”
Principal security firms have announced similar initiatives to promote the adoption of encryption on a global scale. Google recently announced that websites implementing HTTPs will be favorited by the giant of search engines, which has also announced the adoption of encryption mechanisms also for itsad services.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.