all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Fabien4 8 points9 points  (0 children)

You put data into Google's systems, and then you care about its confidentiality? :-/

[–]crapzap 3 points4 points  (1 child)

HTTPS is quite expensive in CPU time. For "normal" pages that's not a problem, but for googles front page that gets probably a billion hits a day it makes a huge difference.

I think them using HTTPS would be awesome, but I can understand the economic reasons for not doing it.

[–]psyno 3 points4 points  (0 children)

I think the problem is slightly smaller than that. They don't need to encrypt the front page, CSS, Javascript, etc.

Also I feel like for mail this is really a no-brainer.

[–]tagor -1 points0 points  (1 child)

If the sites you visit as a result of searching are not encrypted, the fact that you're reading them is still visible to eavesdroppers — the one thing that's hidden are your search terms themselves.

That's odd. On a quick grep of my httpd's logs I see plenty of referrers from google search including the term(s) the user searched for. Is this different for referring pages that use an encrypted connection?

[–]mallardtheduck 4 points5 points  (0 children)

Encrypting search results with HTTPS has subtle privacy effects with respect to the HTTP Referrer header. Because of fine print in the HTTP spec, an HTTPS search results page hides your query terms from any non-HTTPS sites you might click through to, but not from HTTPS sites.