http://news.cnet.com/8301-33620_3-57604604-278/how-google-could-have-made-the-web-secure-and-failed-again/
By Danny Sullivan
CNET News
September 25, 2013
You probably didn't notice, but this week, your searching activity on
Google got a little safer from prying eyes. When you go to Google, it
likely will transfer you automatically to its "encrypted" service, one
designed to prevent potential "eavesdropping" on your searches. What's not
to like with that? Chiefly, a loophole Google has left in for its
advertisers and a lost opportunity to get all sites to go secure.
Blocking "eavesdropping" of search activity
Encrypted search -- officially, Google SSL Search -- protects you from
"eavesdroppers" in the same way you're protected through an encrypted
connection when you do online banking. Only you and the site you're
talking with can "hear" your conversation. So with encrypted search, what
you're searching for can't be heard by third parties. Assuming, of course,
no one like the National Security Agency or hackers have cracked the
"keys" to that encryption.
Google made a big push to increase the use of encrypted searches two years
ago. Anyone who had logged into Google, such as to check Gmail, would be
sent to the Google SSL Search, if they wanted to search for something.
This week, Google confirmed it is forwarding users to Google SSL Search
even if they aren't signed in. From the statement Google gave to me when I
wrote about this on my Search Engine Land site:
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
