On May 13th, Google announced that it will offer a web-encrypted search feature to increase privacy for end-users. We've asked our computer security expert, Ben Howard, to explain how Google is able to make search more secure with its new web-encrypted search option.
Ben says that Google allows the use of SSL (Secure Socket Layer) to connect a user's browser to their search engine. The new site,
https://www.google.com(very important to add the "www." as https://google.com will simply redirect you to the non-SSL search engine), features SSL to help secure your search requests. SSL establishes an encrypted session with your browser by automatically exchanging keys that enable encryption. This "session" is, in effect, a virtual tunnel between your internet browser and the Google's website. By encrypting the session, or virtual tunnel, it becomes very difficult for someone other than you or Google to read the data transmitted between you and Google.
Ben explains that what this means is that only you and Google will know the contents and results of your searches. He says that this may sound benign, but the end result is your searches are now private.
Besides improved search security, Google's offering may have other implications. According to Ben, enabling SSL to encrypt search queries is certain to bear some consequences in the ongoing debate over free-speech between Google and China. The debate has the potential to spill over into the U.S. workforce as companies grapple with their own concerns of employee free-speech versus a company's right to enforce work and ethics policies.
Ben Howard is a Senior IT Associate at NSK Inc. with MCSE, Security+, CCNA Security, and NSA 4011 certifications.