Google Rolls Out Encrypted Web Search Option

KirinMercury writes "Google began offering an encrypted option for Web searchers on Friday and said it planned to roll it out for all of its services eventually. People who want to use the more secure search option can type 'https://www.google.com' into their browser, scrambling the connection so the words and phrases they search on, and the results that Google displays, will be protected from interception." Note that you need the 'www' for it to work. Dropping it redirects you to a non-ssl page. You might have read this on Saturday, but if you missed it, it's still worth knowing.

Change it in the Firefox search box:

[Evro]

In ~/.mozilla/firefox/(profile id).default/search.json, find this:

{"template":"http://www.google.com/search","rels":[],"params":[{"name":"q","value":"{searchTerms}"}

Change it to this:

{"template":"https://www.google.com/search","rels":[],"params":[{"name":"q","value":"{searchTerms}"}

Restart browser

Re:Change it in the Firefox search box:

[MoonBuggy]

You can also edit the "keyword.URL" option in about:config to change the default address bar behaviour.

Re:This will have interesting results for webmaste

[TreyGeek]

If you create a webmaster account with Google and register your site, Google will tell you how many people they send to you. They'll also give you a lot of other information like where in the list of search results was your website when it was clicked on.

SSL Wikipedia & TPB

[cffrost]

Wikipedia and TPB have SSL versions available as well:

English Wikipedia: https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page

The Pirate Bay: https://thepiratebay.org/

Still waiting on Slashdot to join the 21st century.

Re:Now we just need Google itself to stop retainin

[natehoy]

And turning off Javascript will help you how?

The links themselves are google links, regardless of whether JS is on or off, your click goes to something like:

http://www.google.com/url?sa=t&source=web&ct=res&cd=3&ved=0CBoQFjAC&url=http%3A%2F%2Fblah.blah.com%2Fbyu%2Findex.php%3Fp%3D15365%26more%3D1%26c%3D1%26tb%3D1%26pb%3D1&ei=2fn7S4mMEsGBlAem2fTBDw&usg=AFQjCNHWjfNi_UtFFF-vpxP0qcH9eQKvzg&sig2=pjkVdJt9EijRDfi3g7eMsA

And Google captures the bits they want then sends you to the page they showed you in the first place.

Retype the URL from orbit, it's the only way to be sure.

For Google Chrome

[ClosedEyesSeeing]

Tools -> Options
Basics Tab -> Manage button for default search
Add Button ->
Name: SSLGoogle (or whatever you want)
Keyword: sslGoogle (or whatever you want)
Url: https://www.google.com/search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q=%s

Re:I fail to see

No, that's not how https works. All a network administrator will see is what host was connected to. After the secure socket is opened, only then is the command sent out over the encrypted stream to "GET someresource".

Simple Chrome and Firefox howtos:

[catmistake]

instructions for chrome & firefox:

firefox

chrome

Re:So much for "do no evil"

[Dumnezeu]

But at least your ISP won't.

Re:I fail to see

[StikyPad]

All I saw was https://login.yourbank.com/?login=********&password=********