Google search results now come wrapped in a digital lock to keep them from prying eyes.

Thomas Claburn, Editor at Large, Enterprise Mobility

May 21, 2010

2 Min Read

Google on Friday introduced an encrypted version of Google Search, a move that makes it far more difficult for anyone to intercept and read communication between Google and users during search sessions.

Encrypted search is available by initiating an https:// connection to Google rather than an unprotected http:// connection.

Had Internet users in Europe been using Google's encrypted search, their searches would not have been exposed by Google's recently disclosed inadvertent collection of wireless network traffic from public WiFi hotspots.

But Google's introduction of encrypted search isn't in response to that incident, said Google product manager Murali Viswanathan in a phone briefing. It's part of a broad initiative to add encryption to its services.

In January, Google enabled https:// connections for Gmail by default, having previously made it an option available to users who wanted extra security.

As a consequence of using an https:// connection to reach Google, clicking on a search results link will send less information to the Web site at the end of the link. Encrypted search users will not transmit the search keywords they entered when they submitted their query or the fact that they used Google to find the site at the end of the search results link. This deprives publishers of information that may be useful to their marketing efforts, which may be why Google isn't forcing everyone to use encrypted search. But it provides Google users with more privacy.

Adding encryption represents a cost for Google, though Viswanathan was unable to provide data to quantify the expense. It costs Google in terms of computational resources and engineering time.

"It requires a lot of work from the development side," said Viswanathan. "We do realize those extra costs do bring extra benefits to our users."

There's also a cost for the user: Encrypted search is slightly slower, through Viswanathan says it shouldn't be noticeable.

Encrypted search is not a complete security solution. Data has to be presented to the user in unencrypted form so any person or malware that has access to the user's computer or mobile device may be able to read that information. Encryption does nothing to prevent users from being duped into supplying personal information to phishers. And the encryption only extends to Google Search at the moment; searches on Google Maps or Google Images, for example, will not be encrypted.

To prevent users from inadvertently shifting from encrypted to unencrypted search, Google is removing the Maps and Images links from the left-hand menu pane on its search results pages.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights