#4375: Use https://www.google.com instead of https://encrypted.google.com -------------------------------------+-------------------------------------- Reporter: emk | Owner: pde Type: defect | Status: closed Priority: normal | Milestone: Component: EFF-HTTPS Everywhere | Version: Resolution: wontfix | Keywords: Parent: | Points: Actualpoints: | -------------------------------------+-------------------------------------- Changes (by pde):
* status: new => closed * resolution: => wontfix Comment: https://www.google.com has worse security properties than https://encrypted.google.com, as discussed [https://www.eff.org/deeplinks/2011/10/google-encrypts-more-searches here] and [https://mail1.eff.org/pipermail/https- everywhere/2011-October/001209.html here]. The functionality gap between the two sites is small. Unless the www.google.com domain becomes as secure as encrypted.google.com, HTTPS Everywhere will not send searches there. We would however consider a patch with an alternative, off-by-default ruleset that let the user search on www. instead. I believe that is possible with the current codebase, but might require an undocumented dependence on the name of the alternative ruleset and the order in which inodes in the ruleset directory are scanned in the HTTPSRules constructor. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4375#comment:1> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
