Application info
This extension enforces encryption for websites that support it as much as currently possible in Chrome. This gives you added security and privacy for your browsing automatically and transparently. This is particularly important on insecure networks, such as public wifi in e.g. coffee shops and hotels.
It is not completely secure against the infamous Firesheep, but it does minimize the risk greatly. See the section on complete enforcement for technical details and more on when this will be possible.
Features:
- Automatically detects if a site supports SSL (TLS) and redirects you to it
- Flexible options for overriding the auto-detection
- Caches which sites support SSL (respects incognito mode)
- Open source (GPLv2 or later)
Changelog:
Issue tracker:
Complete enforcement:
Due to Chrome limitations KB SSL Enforcer redirects while the page is loading. This can give a quick flicker of the unencrypted page, but it redirects you as fast as possible.
This first insecure request could send a cookie in the clear, which would give anyone with tools like Firesheep an opportunity to use your account on that site. But this only happens if they catch it during that first request and if it includes sensitive information, such as your logged in session.
The request for the ability to intercept requests in Chrome before they leave the browser, is currently their most starred issue:
It's followed specifically for this extension in issue 25:
Any questions or feedback are welcome in the issue tracker linked above, which has features to manage and notify people of any issues, so they can be fixed and we can all have a better extension. Please keep the user reviews section of this page to just reviews. Thanks.
Developed by KB IT:
Integration level may vary depending on the application version and other factors.
Make sure that user are using recent version of
KB SSL Enforcer.
Please contact us
if you have different integration experience.
KB SSL Enforcer and Flamory