Google has started rolling out SSL search over the past few days. Google.com went live today (Google.co.uk isn’t live as of today – 21st Oct). Important to note that the SSL search will only work if you are signed in to your Google account. If you don’t have a Google account, you will not be able to use SSL search. 🙁
SSL search will provide end-to-end encryption between a PC and Google. It encrypts search terms and your search results pages from being intercepted by a third-party or malicious program. SSL search now allows your search terms to be encrypted and excluded from the HTTP referrer headers that are part of the request sent to the website you visited – in effect acting like a dereferrer. The landing website will still know you are coming from Google, but not the query that was issued.
There are exceptions to this and one is if you have configured your browser’s search box to send search queries to www.google.com you will be directed to https:// to get your encrypted results, but your query will be unencrypted if you click on the ad on the results page – then off goes your HTTP referrer to the advertiser’s website. If you are concerned about this I suggest you use Google’s existing encryption-based search engine: https://encrypted.google.com
My biggest question right now is – how many people who use Google search are actually logged in/have an account? I doubt that many. Google and it’s advertisers probably know this. Could this be all about PR spin and appeasing the privacy advocates? Who knows. Anyway, it’s great that Google is making every effort to protect it’s users or should that be “members”. 😉
Safe surfing folks!