Google released a secure version of their popular web search a few days ago. This will allow SSL encryption to the Google search page.
Normally, you would go to http://www.google.com. This page has the search field when you can type in your search terms. The secure web search allows you to go to https://www.google.com (notice that it is https not http). There are a few things that this does and a few things that it does not do.
- Things it does
- It protects your searches from being intercepted and viewed that has access to your network connection. This includes your ISP. But remember that they cannot see only the searches that you did. When you click on a link from the search results, they will still know that you visited that site.
- The search results will be displayed in an https page. This means that when you click on a link, the referer header is stripped and the website that you are going to will not be able to identify where you are coming from. This is because the web browser strips the referer header when moving from https to http.
- Things it does not do
- It does not prevent Google from knowing your searches and the link in the search results that you click on. The search engine links actually contain markers that tell Google which search result you clicked on.
- HTTPS is only available for web search. Other searches such as images, videos, maps, etc are still http, though Google may roll out https for them in the future.
- It does not protect you from malware and spyware. If your computer is infected, your searches can still be known to 3rd parties.
I am not really sure that it is going to do a lot to improve security. The search results will be the same as a regular web search and can still point to malicious websites. For more information on this topic, see my earlier post on search engine results and security.
One thing to remember is that establishing an SSL connection requires extra processing and communication. This can result in a slightly slower server response.
Check out the new secure web search. Notice that the Google logo will have a lock and the url will have https instead of http.