Google Begins Locking Down Search With SSL Encryption

Next Story

Video: Yup, that's Everquest running on a Motorola Droid

Online privacy seems to be at the top of everyones’ minds these days. Facebook, Google, and Blippy have all had high-profile privacy lapses in recent weeks — the problem seems to be getting worse, rather than better. Today, Google is starting a new project in an attempt to show their commitment to security — they’re adding SSL encryption to Google.com itself.

Now, to be clear, this isn’t on by default. To use this beta product, you have to visit https://www.google.com — the “s” is the key there, that’s how you know it’s secure. When you do this, both your search terms and search results will be encrypted as they travel across networks. This makes it much harder for third-parties to intercept them.

Google says it’s not rolling this feature out by default for a couple reasons. First, they don’t want there to be any confusion among Google Search users which parts are secure and which aren’t. This SSL search isn’t yet available for image searches or Maps searches, for example, so even if you do a search on this new site for those items, you’ll be taken to an insecure page of results.

The second reason Google isn’t rolling this out everywhere is that it does hamper the speed of search a bit. Since all this data must be encrypted, it’s delivered to you more slowly. I’ve been testing it out a bit just now, and the lag is barely noticeable, but this is Google — speed is everything.

Google is also fast to note that this does not mean they’re giving up on collecting your search data for these searches. This is simply about encrypting the searches. “Searching over SSL doesn’t reduce the data sent to Google — it only hides that data from third parties who seek it,” they write.

Google has long offered SSL support in Gmail, where the transfer of secure data is obviously seen as more important. In fact, Google made it the standard for Gmail recently — shortly after the pull-out of China, where hacking of email accounts supposedly took place.

Google’s own Chrome browser makes it more obvious when you’re at a secure site by making the “https” portion of the URL green. If there’s a problem with the encryption, it will show up red (and clicking on it will show you why).

blog comments powered by Disqus