[HTTPS-Everywhere] new rules: LiveJournal and Dreamwidth
Chris Palmer
chris at eff.org
Thu Oct 28 10:33:55 PDT 2010
On Oct 28, 2010, at 7:12 AM, Steve Huff wrote:
> something; they offer HTTPS access only to the login pages, which i guess is better than nothing.
I would rather have it than not, but it makes only a tiny difference in a limited set of circumstances.
That's not your fault of course --- thank you for sending in these rules. What we should, and you could, do is to lobby LiveJournal to make their site secure. We can use the limited applicability of this rule as a way to make the point ("Even with HTTPS Everywhere, Firesheep still stole my session! Please fix this, LiveJournal.").
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
More information about the HTTPS-everywhere
mailing list