Improve Your Privacy in the Age of Mass Surveillance

archive.org:

Technical side-note: In 2017 your user profile is automatically flagged by a machine without human intervention. Your data gets categorized according to risk-profiles, and these are sold! Your ability to get a loan, mortgage, insurance or even job, already depends on it TODAY! It’s common knowledge that the price of your loan is automatically adjusted depending on the zip-code of your current address. If you live in the «wrong» place, you won’t get approved at all! The technology for this is already in place and it’s not some future scenario.

== Step-4 encrypt browser traffic

Making sure the connection between your device and the remote party (the website you’re viewing) is encrypted should be on the top of our list. The «HTTPS-Everywhere» extension checks first if a URL can be served over an encrypted connection whenever you click an insecure HTTP link. You should go ahead and install this!

Technical side-note:
For those of you who want to only visit sites that are encrypted and instead block everything that is coming from an insecure channel, there is another option which works in a similar way but instead of falling back to the insecure method doesn’t allow you to retrieve content over non-encrypted channels at all. This one you can get here. If in doubt just install HTTPS-everywhere and not this latter one. It’s important to see HTTPS as a very basic, crude method to protect you (albeit one you can’t live without). If HTTPS is the only encryption layer to keep your data safe then it’s no good in nearly all cases (beyond sharing cake-recipes). The reasons being the many ways that HTTPS gets broken by middle-boxes or caching providers (Cloudflare a popular CDN is probably the biggest MiTM on the web). If you care to dig deeper into the subject of trusting the Trust Industry, you’ll also have to question how trust is being sold as a product online today. From DigiNotar to StartCom/WoSign, the industry is a sham. Nevertheless all security standards are a compromise between vendors. And encrypting browser traffic with HTTPS should be a thing every website offers to their visitors. Just don’t rely on your secret being protected with HTTPS only as a user.