Google announced today that it will encrypt by default Web searches and results for users who are signed in.
People who don’t have a Google account or are signed out can go directly to https://www.google.com, the company said in a blog post.
Encrypting the communications between an end user and the Google search engine servers will protect against snooping by anyone who might be sniffing on an unsecured Wi-Fi network, for instance. Secure Sockets Layer (SSL) is available now for Web search, image search and all the search modes except for Maps, Google said in this separate post.
For example, when you search over SSL for “dogs,” Google encrypts the search and results that are returned, but clicking on a result ends the encrypted connection unless the destination is on “https://.”
“Although SSL offers clear privacy and security benefits, it does not protect against all attacks. The benefits of SSL depend on your browser’s list of trusted root certificates, the security of the organizations that issue those certificates, and the way in which you and your browser handle certificate warnings,” Google says. “In addition, while the connection between your computer and Google will be encrypted, if your computer is infected with malware or a keylogger, a third party might also be able to see the queries that you typed directly.”
Google began SSL default in Gmail in January 2010 and began offering an encrypted search option four months later.
Originally posted at InSecurity Complex