Why do Tor browser still uses HTTPS Everywhere when the same feature is already built-in?
Because the securedrop.tor onion names isn’t built-in, they depend on HTTPS-E.
3 Likes
Hi @vufila, excellent point. It’s on our radar and the switch will happen before HTTPS-Everywhere is deprecated at the end of 2022 – however as @HackerNCoder points out there are dependencies like SecureDrop’s human-readable onions that we’ll need to remedy first, and HTTPS-Only mode itself will need thoroughly tested too.
3 Likes
I’ll be sad when HTTPS Everywhere is completely dropped and abandoned.
There was something comforting about it sitting there with a red S icon, knowing you would only be connecting via HTTPS.
I stumbled upon this post when I already posted on GitHub
HTTPS Everywhere addon cannot be uninstalled. With Firefox’s own abilities to set HTTPS in it’s settings this addon is redundant.
I don’t want to use DuckDuckGo Smarter Encryption that comes with the addon but I’m forced to because I simply can’t remove this.
I want to ask for a “proper” TorBrowser with HTTPS enabled through “normal” settings and without the HTTPS Everywhere addon or at least the option to remove this addon.
If HTTPS-E is tied to securedrop.tor then you should properly seperate things rather then building up such dependencies.
Also PrivacyBadger is inferior to uBlockOrigin. I understand that it’s an EFF thing but one should always choose the technically better option.
That said: Thanks for you nice work!
thx