Privacy Digest

News that can impact your privacy.
Login/Register
What is OpenID?
  • Log in using OpenID
  • Cancel OpenID login
  • Create new account
  • Request new password
Home Blogs MacRonin's blog
    • FAQ
    • Wishlists
    • Contact
    • Categories/RSS

Bookmark Us

Bookmark Privacy Digest 
Bookmark This Page 

Syndicate

Syndicate content
more

Advertisements

Tracking System
GPS Tracking
Tracking System
Private Detectives
Quality Security Services in California
Fleet Management
Hosting

Popular content

Last viewed:

  • PortableApps.com - Portable software for USB drives
  • Verizon to forward RIAA warning letters (but that's all)
  • Article: Industrial Justice: Privacy Protection for the Employed
  • FBI To Spend $1B Expanding Fingerprint Database to include additional biometrics
  • Tor: anonymity online
  • Tell Congress Not to Cave in to Fear (ACLU Action Alert)
  • Two New Judges for the FISA Court

tags in Topics

Activists Alert Companies Congress Copyright Court (US) Databases Data Mining Editorial EFF Entertainment Exploits Fourth Amendment Government Hmmm ID Infrastructure Law Enforcement Laws Politics Privacy Remember Reports Rights Security Software Spin Zone Surveillance Telecommunications Tracking
more tags

View blog authority
Congressional Research
Broadcast Flag

Several Facts about Google and HTTPS

Submitted by MacRonin on July 1, 2009 - 7:12am
  • Activists
  • Anonymity
  • Companies
  • Cryptography
  • Editorial
  • EFF
  • Google
  • Hmmm
  • Privacy
  • Security
  • Surveillance

Several Facts about Google and HTTPS: Via EFF.org Updates.

Three simple facts about Google and HTTPS:

One: as we posted last week, we're very pleased to hear that Google is trialling full HTTPS encryption of all Gmail pages.

Two: if Google's trials are successful, and the company does indeed make HTTPS encryption the default protocol for reading and writing Gmail messages, it will have taken a two-step lead on its competitors in the free webmail and social networking spaces. People use Yahoo! Mail, Hotmail, LiveJournal and Facebook for their private communications, but all of the private messages on those services travels over the network unprotected.1 MySpace doesn't even support HTTPS for passwords!

Three: webmail is one thing, but search is another. Sadly, it isn't possible to use Google's excellent search engine over HTTPS. If you attempt to visit google.com via https, you'll just be redirected back to unencrypted HTTP. If you try the same thing at Yahoo or Microsoft, you'll receive unhelpful error messages.

We've been privately urging Google to make their search service available by HTTPS for some time, but nothing has happened. Yahoo and Microsoft should of course do the same. At the moment, the only search engine that offers protection against eavesdropping is a metasearch site called Ixquick (they also have a truly excellent privacy policy). We hope that some day, the major search engines can catch up with Ixquick.

Those are three simple observations. If you're interested in some less-simple technical detail about what HTTPS actually does, why it's important, and what its limitations are, continue reading below the fold.

  1. 1. Yahoo! Mail is the least worst of these services, since it defaults to HTTPS login, but all of these services are severely lacking in security.

read more

Read Original Article:(Via EFF.org Updates.)

Bookmark/Search this post with:
  • Twitter Twitter
  • Digg Digg
  • StumbleUpon StumbleUpon
  • Technorati Technorati
  • del.icio.us del.icio.us
  • Facebook Facebook
  • Furl Furl
  • LinkedIn LinkedIn
  • Yahoo Yahoo
  • MacRonin's blog
  • Add new comment

Recent blog posts

  • EFF Asks Court to Suppress Evidence Illegally Gathered From Password-Protected Phone
  • Google Superbowl Ad Explains The Need for Search Privacy
  • EFF Fights for Cell Phone Users' Privacy in Thursday Hearing
  • Identifying John Doe: It might be easier than you think
  • ShmooCon: Inside FarmVille's sinister underbelly
  • More Details on the Chinese Attack Against Google (Schneier)
  • The top 5 mistakes of privacy awareness programs
  • ShmooCon: P2P snoopers know what's in your wallet
  • Can you trust Chinese computer equipment?
  • Authors Guild: ‘To RIAA or Not to RIAA’
more

Performancing Metrics

Compilation © Copyright 1997-2010 Paul Hardwick, with Web Hosting provided by MacRonin.com.