Feeds

Google turns on SSL encryption for search

Https option for google.com

Next gen security for virtualised datacentres

Google has added SSL encryption to its primary search engine.

Today, with a blog post, the company announced that netizens now have the option of establishing a secure https connection when searching google.com. To use the service, you must explicitly visit https://www.google.com (Notice the extra "s"). At time of writing, the link was being redirected to Google's default, unencrypted search page on our computers. A spokesman says the SSL service is being rolled out gradually on Friday.

The service also uses its own Google logo, so you can be doubly sure that SSL is in place:

Google SSL search logo

"The service includes a modified logo to help indicate that you’re searching using SSL and that you may encounter a somewhat different Google search experience, but as always, remember to check the start of the address bar for 'https' and your browser lock indicators," the post reads.

The "search experience" will differ because Google has not extended SSL across companion search services such as Google Image Search and Google Maps. Because of this - and because establishing an SSL can slow things down a bit - the service carries a beta tag.

"When you search using SSL, you won’t see links to offerings like Image Search and Maps that, for the most part, don’t support SSL at this time," the post continues. "Also, since SSL connections require additional time to set up the encryption between your browser and the remote web server, your experience with search over SSL might be slightly slower than your regular Google search experience."

Google promised https for search in a blog post last week, when it announced that its Street View had "mistakenly" captured payload data from open Wi-Fi networks as its cars drove across the globe snapping digital photos. "This [Street View] incident highlights just how publicly accessible open, non-password-protected Wi-Fi networks are today," last Friday's post reads. "Earlier this year, we encrypted Gmail for all our users, and next week we will start offering an encrypted version of Google Search."

Google also offers SSL as an option with its Calendar, Docs, and Sites services, and just recently, it added SSL to Google Web History and Google Bookmarks, after a security vulnerability was found in the search personalization service that taps Web History. Google hopes to add https to other services as well.

Yahoo and Bing have yet to offer encrypted versions of their services, except when users are logging in. Hotmail this week announced plans to offer always-on SSL when the service is relaunched in the next few months.

A Google spokesman also indicated it plans to make SSL encryption the default for search. "We hope to expand the functionality once we better understand how it affects users' search experience," the spokesman told us. "We expect that encrypted SSL search will slow down Google searches by a small degree, and we don’t like the idea of rolling this out to everyone before we’re able to test the performance effects and gather feedback from our users." ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.