Google Encrypts All Blogspot Domains With HTTPS

Reader Mickeycaskill writes: Google is continuing its crusade to encrypt the web by enabling an HTTPS version of every single domain hosted on Blogspot. The search giant started the rollout last September, but as an opt-in service. Now users can opt to visit an HTTPS version of a site without its participation, while administrators can turn on an automatic redirect so all visitors are sent to the encrypted version. "HTTPS is fundamental to internet security; it protects the integrity and confidentiality of data sent between websites and visitors' browsers," said Milanda Perera, security software engineer at Google. Google already encrypts its search results, Google Drive and Gmail, while it also ranks HTTPS-enabled sites higher in the search. Blogspot rival WordPress began rolling out HTTPS in 2014.

Simple question

Why is HTTP used anywhere now? I see no advantage to transferring any data in the clear. Why not use HTTPS everywhere?

Re:Simple question

[misosoup7]

That's Google's stance, which is why they're moving things on to HTTPS. The downside is that a SSL or TSS certificate is often not free and a lot of smaller sites can't afford it.

Which is some people are now trying to offer free SSL/TSS certificates, such as Linux Foundation's Let's Encrypt platform.

Re:Simple question

[Revek]

Certs cost usually and clear HTTP traffic is free.

Re:Simple question

[guruevi]

There have been 'free' SSL certificates for a very long time. You don't need to buy a certificate to enable encryption (it's just more convenient).

Re:Simple question

[bloodhawk]

Caching, proxies, performance, bandwidth, certificate management, filtering, inspection etc etc. Why encrypt public content that has no value?

Re:Simple question

Certificates cost money and the browser devices need a bit more electricity to decrypt data. The benefits of encrypting public blog pages for the transmission is a bit unclear to me.

Re: Simple question

[xenobyte]

You can get a basic SSL certificate for $5 or something like that these days.

Re: Simple question

[SerenaGil]

Yes, absolutely true. Many ssl resellers and trusted providers are offering ssl certificate unders $10. But recently seen under $5 price for ssl certificate at this coupon code site https://www.cheapsslcouponcode... Not checking yet that price is working or not.

WOW! Such Technical Innovation!

This Google company must be pretty elite and is right on top of security.

Re:WOW! Such Technical Innovation!

[NotInHere]

Yeah, they are so elite. Just recently they have encypted their whole main site over https! Their main site, just think of the processing power required for this. Of course, slashdot is much more advanced than them, we already have encryption since months now.

Who signs the certificates and maintains the keys?

[mi]

HTTPS version of every single domain hosted on Blogspot

This may be overly cynical of me, but could they be doing this to imbue the sense of improved security, while still being able to decrypt and observe the traffic themselves? For themselves as well as for the government, where the particular datacenter is located?

And, yes, even if they are being self-serving, this is still good news for folks accessing these sites from places, where government does far worse things to the innocent, than mere snooping.

Gadgets

Now if they could fix their custom gadget support (custom gadgets have been broken for at least 6 months maybe more, trying to add one gives an error message even for their demo gadgets)....

Re: Gadgets

Please reply here with the exact steps to reproduce the issue and I shall try to fix it

Re: Gadgets

Blog overview -> Layout -> + Add a gadget (I'm doing "Sidebar-right-1" but I dont think it matters) -> Add your own
I put my custom gadget in and I get:
Customize Gadget
We are sorry, this gadget appears to be broken.
This gadget has errors, and cannot be used until fixed. "Learn more" (which links to a page that gives nothing useful that I could find).

Also fails with an example gadget:
https://developers.google.com/blogger/data/blog_social_example.xml

And now I'm finding links saying that you can't host gadgets on https, and hey, this probably DID break about the time I enabled letsencrypt on the server I'm hosting this on, and that sample gadget is https too...

Wow go figure, thought this post was going to be off-topic. :)

Re: Gadgets

I should note that I'm not doing anything too crazy in this gadget - just a single xhr (to an also ssl resource); just basically xhr a json, make a tree out of it. I use data urls for some images, but I'm not sure why that would cause issues.

Just tried turning on ssl for the blog, didn't help (was thinking it was some crazy mixed content issue or something) as there's now a warning splattered all over the gadget pages of "Some gadgets contributed by third party developers may not be compatible with HTTPS." and a link to a page describing mixed content issues. The main gadget page has a crapton of mixed content warnings popping up. But I would hope that would allow me to add the gadget still - I'd just get mixed content warnings when viewing it?

Also noticed i"m getting "choose-gadget?blogID=[blocked]&sectionId=sidebar-right-1&cat=custom:7 Uncaught ReferenceError: loadEditor is not defined" in the console from the "add your own" page. Actually submitting my gadget to the page results in a page back with the error I noted before, but nothing in the console.

All of this is in Chromium-Incognito (no extensions). A buddy tried in Chrome on Windows, same exact issue. This was working for over a year - someone removed it from the page and now I can't re-add it.

I'd be interested to know why their example doesn't work; I'm not the only one who can't load that one (aforementioned friend, other ppl on the web). I'd feel a lot more confident I was doing something stupid if that one worked. Maybe I'm missing some blog setting that got flipped?

Re: Gadgets

....Aaaand if I paste in the content into a normal "html / javascript gadget" (where you provide the markup and code direct to the textbox instead of a url with an xml wrapped gadget) it works. Too lazy to disable ssl on my site to verify. This kind of works but makes me hardcode my preferences (well, I already hardcode, though eventually I'd like to abstract that stuff out and do it right).

If you're a googler: assuming there's a server pull of the provided .xml, maybe the trust store on the client needs updating? Or maybe the code itself? I'm using the best practices I find on ssllabs; handshake simulation works to everything but WinXP. Also I'm IP4 & 6, with DNS records for both.

Though (unless I miss it) I don't see any errors in my logs from a google IP (and no requests for the provided url) while tailing the logs and recreating the issue... Not even trying to fetch?

If it's a client pull its borked - no xhr or error reported in the console.

---

and actually I see a successful request for the file 5/2 with UA feed-fetcher from a google IP...!? wtf...

Four excuses against HTTPS

[tepples]

Why not use HTTPS everywhere?

There are about three reasons:

Third-party resource does not support HTTPS Mixed content policies tend to block use of HTTP resources in HTTPS documents. For example, until September 2013, no major ad network supported HTTPS, and websites redirected non-subscriber visits from HTTPS to HTTP to ensure ad display. September 2013 is when AdSense added HTTPS. Shared web host without HTTPS In the early 2010s, many shared web hosts charged extra for HTTPS support. Having already paid for several more months of hosting is a disincentive to switching. Troublesome certificate renewal Let's Encrypt, a recently popular CA that issues domain-validated certificates automatically using the ACME protocol, currently makes them valid for 90 days. But some shared web hosts do not offer anything like cPanel for automatic installation of a renewed certificate. Instead, they require manually filing a support ticket every time the certificate is renewed. WebFaction is like this, and someone has staged a passive-aggressive protest by making an an ACME client that requests a certificate and then automatically files a support ticket. Users of SNI-ignorant browsers The site shares an IPv4 address with another site, and the site receives significant traffic from web browsers that do not support Server Name Indication, which allows name-based virtual hosting of HTTPS sites. The most popular such browser was Internet Explorer on Windows XP. But since April 2014, this browser has reached its end of support. Not only has its usage share plummeted, but because it is no longer receiving security updates, we can assume it to be no longer secure against man-in-the-browser attacks.

Re:Four excuses against HTTPS

[dgatwood]

You left out one, and it's a pretty big one. By policy, no certificate authority is allowed to issue a TLS certificate for any host in the .local domain, because there's no ownership/legitimate control over those domains, multiple people could legitimately lay claim to the same domains on different networks, and the domain names are chosen by random end users who don't even know what a TLS certificate is, much less how to buy their own domain name. Therefore, any Wi-Fi-connected device that needs to serve content via DNS service discovery must currently use an unencrypted connection.

IMO, that's a rather serious flaw in the notion of requiring HTTPS everywhere. Unlike the issues you listed, which all fall into the category of "because X hasn't upgraded Y yet" or "because X hasn't bothered to support it yet", this one is actually a problem for which there is currently no solution, and any possible solution would require completely changing the way we think about site security, moving us from a strict central trust model to something much more flexible and decentralized.

Basically, until that problem is solved, the IoT is DOA as far as HTTPS is concerned.

Re:Four excuses against HTTPS

[tepples]

You make a good point about DNS service discovery being incompatible with CAs. This thus makes DNS service discovery incompatible with Service Workers and other new features that browser publishers have declared to be HTTPS-only.

It's A Filter

[bretts]

The downside is that a SSL or TSS certificate is often not free and a lot of smaller sites can't afford it.

Good observation. Google wants to filter out independent voices so that paid interests predominate. That benefits Google's business model more than search results pointing people to free sites.

Let's Encrypt

[tepples]

The downside is that a SSL or TSS certificate is often not free

Certificate cost is no longer the obstacle it used to be, as a TLS certificate is free unless you need organizational validation. StartSSL and WoSign have been providing domain-validated (DV) certificates without charge to individuals for years, and automated ACME CA Let's Encrypt has been in operation for several months.

Re:Let's Encrypt

[NotInHere]

Its almost free for google anyway. They have their own CA, so while they have to maintain to fulfill CA requirements and do all the paperwork, they do not have to pay for one particular certificate.

Re:Let's Encrypt

[heypete]

Certificate cost is no longer the obstacle it used to be, as a TLS certificate is free unless you need organizational validation. StartSSL and WoSign have been providing domain-validated (DV) certificates without charge to individuals for years, and automated ACME CA Let's Encrypt has been in operation for several months.

Indeed. TLS certs are, as you point out, available for free. Even if one wishes to pay for a cert, DV certs are available for a pittance: Comodo's PositiveSSL certs are available for as low as $14.97 for three years ($4.99/year) from SSLs.com, a reseller owned by NameCheap. I spend more getting take-out lunch one day than it'd cost to get a cert for three years. That's basically a non-issue when it comes to even the most budget-constrained websites.

Other interesting details:
- Comodo's PositiveSSL offering is one of the very few CAs that will not only sign elliptic curve certs, but will do so using a separate, all-ECC certificate chain. Their ECC root is in all major browsers, but it's cross-signed by their UserTrust RSA root for legacy users. Naturally, PositiveSSL also offers an all-RSA chain for those who prefer RSA certificates, but I thought it was cool they offer an all-ECC chain and charge the same price for ECC or RSA certs.
- StartSSL recently started signing ECC certs from their RSA chain (4096-bit root, 2048-bit intermediate). While not as quite secure as an all-ECC chain, it's fast: clients can verify the RSA signatures quickly, and the server can perform fast ECDSA signatures/ECDHE key exchanges quickly.
- WoSign uses StartPKI, StartSSL's managed-PKI offering that chains up to the StartSSL root. Nifty. I knew StartSSL has offered that for a while but I'd never seen any such intermediates in the wild before.

Full disclosure: I have no relationship with Comodo, StartSSL, SSLs.com, NameCheap, etc. other than being a paying user. I don't get any compensation, direct or otherwise, from mentioning them.

Re:Let's Encrypt

if only Google would add support for Lets Encrypt to Google App Engine. Let's Encrypt certificates expire after 90 days, but are supposed to be easy to automate renewal.

Except app engine requires you to manually upload the certificates every 90 days- they really need an API or built in support for Let;'s Encrypt

Re:Let's Encrypt

[thegarbz]

Except last I checked neither company offers wildcard certificates which makes it somewhat useless when running multiple virtual servers.

Re:Let's Encrypt

[tepples]

If each virtual server has its own IP address, each virtual server can install its own certificate to its own web server. If they share an IP, the SSL terminator in front can select the appropriate certificate to present to the browser based on the SNI hostname provided by the browser.

Re:Let's Encrypt

[thegarbz]

That is true, but that requires registering each virtual server with it's own SSL certificate. Fine if you're doing a few fixed domains, less fine with each domain you add, and even less fine if the domains don't stick around.

Re:Who signs the certificates and maintains the ke

[heypete]

This may be overly cynical of me, but could they be doing this to imbue the sense of improved security, while still being able to decrypt and observe the traffic themselves? For themselves as well as for the government, where the particular datacenter is located?

How is encryption of data on-the-wire relevant to the observation of data stored in their datacenters?

Whether or not they use HTTPS, Google has always been able to access the content of Blogspot-hosted blogs because Google runs Blogspot and the data resides on their servers. Adding HTTPS doesn't change that at all.

Re:Who signs the certificates and maintains the ke

[mi]

Google has always been able to access the content

Sure. But now the users will think themselves more secure. And they will be indeed — except not from Google.

Adding HTTPS doesn't change that at all.

You and I realize this. Many others might not.

I don't understand

[rduke15]

I don't understand this rage to encrypt everything. I publish some web pages (a couple of blogs, my résumé, a few very specific instructions pages, etc) and cannot see any reason to have these pages delivered over encrypted links.

I use the web to _publish_ stuff, and to read what others _publish_. When I buy a newspaper at my local newsstand, I don't want it encrypted, and I don't care that the owner knows what papers I read.

While there are many good reasons to have some web traffic encrypted (passwords, transactions, ...), this sudden movement to encrypt everything looks really weird to me.

Or are there reasons which I don't see, why some people or entities would have some interest in everything being encrypted?

Re:I don't understand

[heypete]

HTTPS provides several benefits:

- Encryption which, as you point out, keeps other parties from knowing the content of data you access. Sure, the bulk of that data may be mundane, everyday stuff that you don't really care if anyone knows about, but there's no harm in keeping it private in transit. It's the same reason you enclose letters in envelopes rather than sending postcards.

- Verifying the authenticity of the server. Domain-validated certificates offer a relatively low level of validation, but they still provide you reasonable assurance that the server you're communicating is the one operated by the actual owner of that domain name -- your connection isn't being intercepted and spoofed by some shady wifi hotspot, for example. Organization-validated and Extended Validation certificates provide higher degrees of validation, and include details (e.g. company name, location, etc.) of the entity to whom the certificate was issued.

- Tamper-resistance. All HTTPS connections provide tamper-resistance by using either HMAC or AEAD ciphersuites. This prevents third parties from altering the content. A public hotspot or your ISP may inject content, malicious or not, into unencrypted connections. HTTPS prevents this.

Considering that there's essentially no costs for using HTTPS (certificates are free or exceedingly cheap, CPUs have hardware support for AES so there's basically no overhead for encrypting data, ECDHE key exchanges are extremely fast, as are ECDSA signatures, and so present minimal load to servers. RSA signing is a bit slower for servers, but modern CPUs are fast and TLS handshakes are brief and only happen occasionally.) and many benefits, why wouldn't everyone want to secure data in transit?

Re:I don't understand

[Shados]

If you write a blog post that gets reasonably popular, someone MITM it and changes a link you recommended to one that has a shadier purpose, it can screw over some visitors.

https helps with that.

Re:I don't understand

passwords

That's the reason.

It's far, far easier to just throw SSL up over everything instead of dicking around and only enabling SSL for communication of passwords.

Re: I don't understand

So you'd be OK with a man in the middle modifying your resume any way they want on its way to a potential employer?

Re:I don't understand

[Opyros]

There is one possible cost: people with slow Internet connections may find it almost impossible to finish loading a page on your site. (This has happened to me more often than not since Slashdot switched to https.)

Re:I don't understand

[vtcodger]

"and I don't care that the owner knows what papers I read."

Which of course, they do anyway since they do one end of the encryption/decryption. And in any case, the site owner, their ISP, your ISP, everyone in between, the NSA, the Chinese, white hat hackers, evil hackers, and everyone else who cares knows "what paper you read" albeit not necessarily what specific content you are interested in. The IP routing information isn't (more or less can't be?) encrypted. So the fact that you sent packets to/ received packets from, for example, 172.217.3.4 is knowable whether or not the packet contents are encrypted.

End to end encryption might indeed be part of a secure internet. But we don't currently have the slightest idea how to secure internet communication. And yes, now that you ask, that IS something of a problem. Universal HTTPS seems more of a modest usability problem than a solution to any real problem. Security theatre like the TSA horror show at airports? (Whaddyamean I can't take this jug of maple syrup that I bought at the airport store onto the plane?)

Re:I don't understand

how? if someone is in such a privileged position in either the hosting network or your network to MITM your connection SSL isn't going to save you.

Re:I don't understand

[thegarbz]

Funny you should say that rduke15 ... if that is in fact your real name!

When you use the web to publish how do you control what you publish? You sound like you live in a nice country where you can't be prosecuted for your ideas or the things which you read. Not everyone does so. What to you is an innocuous article you wrote on some incredibly stupid thing the ruler of an oppressive regime has done is to someone else content that could potentially affect their lives.

I for one consider myself lucky to live in a world where I can call our leaders ball licking douchbags and not have to worry. But for some people in the world they may not be able to make a comment like that, even here on Slashdot without the ball licking douchbags' gulag knowing.

Re:I don't understand

[ultranova]

I use the web to _publish_ stuff, and to read what others _publish_. When I buy a newspaper at my local newsstand, I don't want it encrypted, and I don't care that the owner knows what papers I read.

Anonymity is like a seatbelt: you don't need it most of the time, but when you do, you either have it or die.

Re:I don't understand

After years of firesheep and the like, this is fixing a real problem that really exists. It might not impact you if you never use a public hot spot (obviously you're smart enough to never trust those with anything) but for almost zero effort, this improves security for the masses who don't know better.

Re:Who signs the certificates and maintains the ke

[Archangel+Michael]

The data between server and client is secured. Nobody can steal your passwords in route because they are locked up in an envelope. This is marginal security improvement, and a much needed one.

slow https loading

[JcMorin]

This is mostly related to antivirus that do extra certificate verification.

Strict-Transport-Security

[manu0601]

Oddly, they did not enable Strict-Transport-Security

Great

Now all they have to do is update their default templates to ones that doesn't look like something out of 2003.

If only they'd stop changing their certs weekly

Currently, Google changes all their certs several times a week. This is obviously bad, though most users will not notice, since they don't have browsers/extensions that warn about that.

That explains all the errors

That explains all the mismatched content errors.

Back in the day, many moons ago it was not uncommon to prefix all your image/script/css URIs with "http://" now all those sites break and in some cases horribly. Not to mention all the third party widgets that fail when called as https. I have seen plenty of big names that cannot handle calls to their API on https.

But not to worry most of these sites are unmantained.

SSH-style TOFU for DNS-SD

[tepples]

What you describe likewise falls into the category "because DNS-SD doesn't support a PKI yet". If it did, browsers would be updated to trust it for the local TLD. Until then, it's easier to apply a trust-on-first-use model, like that used by SSH, through the "add exception" button that browsers show for an untrusted issuer. The device generates a self-signed certificate, the user manually verifies the key fingerprint out of band on the exception screen, and the browser adds it to the list of user-vetted certificates. Public sites use a CA because it's impractical to verify the fingerprint out of band, but this verification is more practical on a LAN.

Re:SSH-style TOFU for DNS-SD

[dgatwood]

What you describe likewise falls into the category "because DNS-SD doesn't support a PKI yet". If it did, browsers would be updated to trust it for the local TLD.

I don't think PKI is really feasible for .local, because the definition of what is trusted for .local depends on what network you're using. I'm more than willing to trust certain arbitrary signing certs at work, but that doesn't mean I want to trust those signing certs if they suddenly show up on a server on some other network in the wild.

Until then, it's easier to apply a trust-on-first-use model, like that used by SSH, through the "add exception" button that browsers show for an untrusted issuer.

That's better than nothing, but in an ideal world, there would be some semi-out-of-band handshake-based pairing mechanism whereby you connect to the host, the host returns a credential, the browser rejects it and sends a challenge, and it displays the challenge on its screen. You type the challenge into your browser. Use EC or DH to exchange the challenge to make MITM impractical. Maybe also use BTLE or even RFID or NFC for parts of the handshake, thus ensuring that the devices must be a few inches apart and providing a second, semi-secure channel in parallel, minimizing the risk of both being compromised at once, and possibly making the process almost completely transparent to the user. (Touch the device to your computer, and poof, instant secure connection.)

The device generates a self-signed certificate, the user manually verifies the key fingerprint out of band on the exception screen, and the browser adds it to the list of user-vetted certificates.

Realistically, the user verifies only the first and last few digits, making it pretty easy to attack even most tech-savvy users. Besides, that would require a screen on the device that's big enough to show a key fingerprint. That's not always practical.

If it's automated with script, it's not labor

[tepples]

The point of ACME, the protocol used by Let's Encrypt, is that you can script the acquisition of a certificate for each domain on which you spin up a virtual server. If you also script association of the acquired certificate with each virtual server, there's very little ongoing labor.