Google Switching to SSL By Default For Logged-In Users

nonprofiteer writes "Google plans to encrypt search for signed-in users, so that websites will no longer get to see the search terms that led a user to their site, though they will get aggregated reports on the top 1000 search terms that led traffic to their sites."

Re:Some deal

[Hatta]

Never mind, I should RTFA. For the rest of us who didn't: encrypted.google.com [google.com].

HTTPS Everywhere

[Anonymous Coward]

...is a Firefox plugin that does that for you anyways. Google has a standard HTTPS page, as does a number of other sites, like Wikipedia.

While I applaud Google for doing this for its signed-in customers, people should be using HTTPS for everything, everywhere, if possible. Sure, it has its flaws, but better flawed privacy than no privacy.

Re:Refreshing

[Qwell]

referer

cryptome.org had some great posts on SSL

[AHuxley]

http://cryptome.org/0005/ssl-broken.htm [cryptome.org] on this issue.
Welcome to en.wikipedia.org/wiki/Clipper_chip, Enigma or the fun of Data Encryption Standard era standards in your new safe browser.

Re:Refreshing

[kabloom]

And I should point out (since the GP doesn't know about referers, he probably needs more than a one word answer) that the Referer is a field in your HTTP request that's automatically sent by your browser telling it the address of the website that you came from. Since Google (and other search engines) put the query string in the URL of the search results page (like they should), the website can read the results out of the URL and know what your search terms were.

Google didn't invent this as a way to invade your privacy -- it's been a feature of the web since the early days.

Comment removed

[account_deleted]

Comment removed based on user account deletion