In a recent blog post, Mozilla announced the introduction of a new feature coming to Firefox in version 83 that allows users to enable always-on security for their web browsing. By enabling HTTPS-only mode, users can be confident that their browsing is always secure from eavesdroppers.
When this new mode is enabled, Firefox will attempt to establish fully secure connections to every website and will ask for permission before connecting to a website that doesn’t support secure connections. That Mozilla feels able to roll out this new feature to millions of Firefox users is a clear indication that HTTPS adoption on the web has reached a tipping-point.
Hypertext Transfer Protocol (HTTP) is a fundamental part of the World Wide Web. In addition to powering the web, HTTP is increasingly used to transfer data between Internet-connected devices of all kinds. In the early days, the Web was unencrypted, and traffic was easily observable (and modifiable) by eavesdroppers. As e-commerce and online banking became more popular, HTTPS was developed to help secure online transactions. Secure HTTP (HTTPS) adds a layer of encryption to make these transfers more secure.
With revelations of widespread, state-sponsored pervasive surveillance of Internet traffic, encrypting all web traffic became a priority. Effective encryption is key to secure online communications for everything, from financial transactions to healthcare. It is a foundational component upon which a trustworthy Internet is built.
Insights presents measurements of HTTPS adoption to illustrate the progress being made towards an encrypted web and to highlight some of the variability in HTTPS adoption between countries. The tools needed to build a secure-by-default web are freely available and we encourage all developers using HTTP technology in their products to make use of them.
Photo by chris panas on Unsplash