Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Will the EFF update HTTPS Everywhere any time soon or has it become abandonware?


  • Please log in to reply
12 replies to this topic

#1 midimusicman79

midimusicman79

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:10:20 PM

Posted 05 September 2017 - 09:00 AM

Hi all!
 
Recently, while clicking on links in a topic here at BC leading to Emsisoft.com, I have noticed that they appear on screen without JavaScripts, namely with no pictures and text only.
 
So in an attempt to narrow down the issue, I started Firefox in Safe Mode, and then the links loaded perfectly, which proves that one of the web browser security add-ons would likely be malfunctioning.
 
So then I decided to turn off one of my Firefox security add-ons one at a time in order to find the culprit, and it turned out that the Electronic Frontier Foundation's HTTPS Everywhere is responsible, because as long as I keep it off, the issue disappears.
 
This coincides with the fact that this issue neither affects MS Internet Explorer nor MS Edge, in which I do not have the said add-on, because it is not available for these browsers.
 
In the Firefox add-ons page the said add-on shows up as OUTDATED, along with VTzilla. Others are Ghostery as well as µBlock Origin, both of which are updated.
 
After reading about Firefox add-on technology is modernizing, and concidering that most, if not all webpages now use HTTPS only anyway, my question is as follows;
 
Will the EFF update HTTPS Everywhere any time soon or has it become abandonware?
 
Thank you very much in advance!
 
Regards,
midimusicman79

Edited by midimusicman79, 05 September 2017 - 09:28 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


BC AdBot (Login to Remove)

 


#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:20 PM

Posted 05 September 2017 - 09:23 AM

Since the latest version of HTTPS Everywhere is 2017.8.31 it would seem that it's still under active, very active, development.

 

It also appears that the http://changeblog.emsisoft.com website does not take well to being forced to HTTPS gracefully.  Just unchecking that rule  in HTTPS Everywhere makes it load perfectly.


Edited by britechguy, 05 September 2017 - 09:26 AM.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#3 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 AM

Posted 05 September 2017 - 10:31 AM

@midimusicman79 I will ask about it , thanks for the report ;)



Emsisoft Community Manager


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:20 PM

Posted 05 September 2017 - 05:53 PM

As britechguy HTTPS Everywhere 2017.8.31 was auto updated a few days ago...see HTTPS Everywhere Changelog.txt

The Firefox add-ons page should show HTTPS Everywhere as Legacy.

Note: Starting in Firefox 57, which will be released in November 2017, only add-ons built with this new technology will work in Firefox. These are indicated by the "Compatible with Firefox 57+" label on addons.mozilla.org (AMO). Add-ons built with the old technology are labeled "Legacy" in the Add-ons Manager (about:addons) tab.

If an add-on does not have the "Compatible with 57+" label or has the "Legacy" label, the developer may be in the process of transitioning to the new technology.

Firefox add-on technology
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:10:20 PM

Posted 06 September 2017 - 09:14 AM

Hi, britechguy, Umbra & quietman7!

 

Thank you all for the prompt and insightful replies! :)

 

Yes, I agree that HTTPS Everywhere is still under active development, but in my hurry I just did not notice it, and for this I apologize.

 

However, I have gathered that all links to the Emsisoft Blog no longer work properly, and this even goes for the links in the Emsisoft Anti-Malware's GUI, which all used to work before.

 

It also appears that the http://changeblog.emsisoft.com website does not take well to being forced to HTTPS gracefully.  Just unchecking that rule  in HTTPS Everywhere makes it load perfectly.

 

Yes, that works for me too, but with all due respect, according to the HTTPS Everywhere FAQ, it is only a temporary solution.

 

What if HTTPS Everywhere breaks some site that I use?

This is occasionally possible because of inconsistent support for HTTPS on sites (e.g., when a site seems to support HTTPS access but makes a few, unpredictable, parts of the site unavailable in HTTPS).

If you report the problem to us, we can try to fix it. In the meantime, you can disable the rule affecting that particular site in your own copy of HTTPS Everywhere by clicking on the HTTPS Everywhere toolbar button and unchecking the rule for that site.

You can also report the problem to the site, since they have the power to fix it!

 

Not sure if it matters, but I have also looked at the HTTPS Everywhere Atlas for Emsisoft.com, however it is way over my head.

 

@midimusicman79 I will ask about it , thanks for the report ;)

 

@Umbra May I ask: Any progress?

 

Thank you! :)

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#6 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:20 PM

Posted 06 September 2017 - 09:37 AM

midimusicman79,

 

         It is a fact of life that certain security add-ons can and will "break" certain sites.  Not knowing whether this occurred at the time the latest update to HTTPS Everywhere was pushed out or whether it came before makes it difficult to know whether it's the add-on or some change to the site itself that's causing "the burp."

 

         While HTTPS Everywhere is a great security convenience, it sometimes has to be disabled on specific sites, and when those sites are primarily or exclusively "read only" it doesn't bother me much to do so.  And sometimes this is not a "temporary solution" (though sometimes it is) but a permanent requirement if the issue is with the site itself and there is no intention on the part of the site maintainers to change whatever it is that does not respond well to HTTPS Everywhere, at least if you want to continue using the site as designed.

 

          I haven't dropped any sites due to HTTPS Everywhere issues (at least not yet) but I have dropped a number of them that detect that I use ad blocking software and refuse to let me in so long as it's on.  It's none of their *^%$ed business whether or not I use ad blocking software on my own machine, so it's farewell to them.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:20 PM

Posted 06 September 2017 - 11:54 AM

...I haven't dropped any sites due to HTTPS Everywhere issues (at least not yet) but I have dropped a number of them that detect that I use ad blocking software and refuse to let me in so long as it's on. It's none of their *^%$ed business whether or not I use ad blocking software on my own machine, so it's farewell to them.

+1
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 digmor crusher

digmor crusher

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 06 September 2017 - 12:52 PM

I agree, I despise advertising of any kind. 



#9 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 AM

Posted 07 September 2017 - 05:02 AM

@Umbra May I ask: Any progress?

 

There will no "fix" for the moment, just do as Britechguy said, add  http://changeblog.emsisoft.com to the exclusions.



Emsisoft Community Manager


#10 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:10:20 PM

Posted 07 September 2017 - 07:00 AM

Hi again, Umbra!

 

I understand. But maybe some time in the future, then. I have done just that. :busy:

 

Thank you all very much for the help!

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:20 PM

Posted 07 September 2017 - 07:02 AM

To do that specifically, go to the Emsisoft link, click on the HTTPS Everywhere icon in the top menu and under Stable Rules, uncheck Emsisoft (partial).

The page should automatically refresh and load normally.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:10:20 PM

Posted 07 September 2017 - 08:30 AM

Hi again, quietman7!
 
Thanks for the clarification! :wink:
 
Just learned something new!
 
Thank you all very much again!
 
Regards,
midimusicman79

Edited by midimusicman79, 07 September 2017 - 10:20 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:20 PM

Posted 07 September 2017 - 03:05 PM

You're welcome.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users