HTTPS secures the connection between you and the website you are on so random people on the internet can't see the data you are passing between you. It's absolutely essential on things like payment pages with sensitive information, but available and recommended more and more on all kinds of sites. Most browsers will have a lock icon or other indication in the URL field to tell you if the page you are on is currently using https, particularly if that page has any entry fields.
An apparent casualty of the LJ server move was https. I will admit I'd never really looked before at what parts of LJ did and did not have this option, but I can confirm it's not there now, and a number of people are saying it was an option before but has now disappeared. Which means any information you send back and forth to LJ is viewable in transit by anyone (payment pages are apparently still secure). That won't necessarily be a deal breaker for everybody--https is by no means the default for all websites yet. But removing it from LJ, if it is gone for good, is a regressive and user-hostile move.
What the HTTPS Everywhere extension does is request the https version of a site from any site that offers it. For example, Dreamwidth currently has both secured and unsecured versions of its site. As far as I can tell, they still consider the secure version to still be in beta, which is why it is not the default, though I've never had any problems with it. Using this extension keeps all of Dreamwidth in https for you.
no subject
An apparent casualty of the LJ server move was https. I will admit I'd never really looked before at what parts of LJ did and did not have this option, but I can confirm it's not there now, and a number of people are saying it was an option before but has now disappeared. Which means any information you send back and forth to LJ is viewable in transit by anyone (payment pages are apparently still secure). That won't necessarily be a deal breaker for everybody--https is by no means the default for all websites yet. But removing it from LJ, if it is gone for good, is a regressive and user-hostile move.
What the HTTPS Everywhere extension does is request the https version of a site from any site that offers it. For example, Dreamwidth currently has both secured and unsecured versions of its site. As far as I can tell, they still consider the secure version to still be in beta, which is why it is not the default, though I've never had any problems with it. Using this extension keeps all of Dreamwidth in https for you.