How to Install Secure Browsing on an Android Device

Credit: Shutterstock

(Image credit: Shutterstock)

Web surfing on an Android device is now a little bit safer, thanks to the Electronic Frontier Foundation's HTTPS Everywhere browser plugin, which on Feb. 3 was made available for the Android version of Mozilla Firefox.

Like its desktop counterpart, HTTPS Everywhere forces an encrypted connection between the browser and any website that supports a secure connection. In Web browsers, secure connections are indicated by the "https" (the "S" stands for "secure") prefix or a padlock in the browser address bar.

MORE: Best Smartphones 2014

With HTTPS Everywhere on your Android device, your Web browsing on Firefox will be safer from spies and snoops, even if you're on a password-free public Wi-Fi network in a cafe or airport.

There are a few caveats. First, the HTTPS Everywhere plugin doesn't work with the stock Android browser or to Google Chrome for Android. You have to install Firefox.

Second, HTTPS Everywhere doesn't apply to the stand-alone Android apps that provide direct access to Facebook, Twitter, Yahoo Mail or Gmail. (Those apps apply their own encryption, with varying degrees of effectiveness.) Only direct Web-browser access is protected by HTTPS Everywhere.

Third, users seeking maximum Android security should install a virtual private network (VPN) app — such as Hotspot Shield, DroidVPN or TunnelBear — which will add another layer of encryption to all Internet communications. 

Also, HTTPS Everywhere isn't available for iOS devices, and probably won't be anytime soon. As the EFF puts it, "Apple's policy of locking out Mozilla means you can't have a more secure browser in your pocket."

Nevertheless, there's no downside to installing HTTPS Everywhere on your Android device.  Here's how to do it.

1. If you don't already have Firefox for Android installed, there are two ways to get it.

If you're signed into Google on a desktop, go to the Google Play store page for the Firefox app or simply search for "Firefox." Make sure the developer listed on the resulting page is "Mozilla." Click on Install and select your intended Android device. Firefox will be installed shortly.

On an Android device, just open the Google Play app and search for Firefox. Again, make sure "MOZILLA" is listed as the developer. Click Install.

2. Open Firefox on your Android device and browse to http://www.eff.org/https-everywhere. Click on the green robot.

3. You'll get a warning that the EFF site is trying to install software on your device. Click to allow that.

4. Restart Firefox for Android. On the right end of the address bar, you'll now see a blue icon with a padlock in the middle of it and arrows radiating outward. Clicking on the icon will let you turn HTTPS off for an individual website.

Follow Paul Wagenseil at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.