Google launched a new beta service this week–encrypted search using SSL (secure sockets layer) to protect searches from being snooped or intercepted while traversing the Internet. Encrypted Google search is still not entirely private, but it has benefits for individuals and businesses to ensure sensitive information is not exposed to prying eyes.
The new encrypted Google search is easy enough to use. Simply type “https” at the beginning of the URL rather than “http”. Doing so sets up an encrypted pipe between your Web browser and Google so that any search traffic is kept private between you and Google.
It is not completely private because obviously Google still has a record of what you searched for. Google has established its reputation based on the “Do No Evil” mantra, and most businesses and users implicitly trust that Google won’t do anything insidious with its omniscient cataloging of every bit and byte that crosses the Web. But, Google has faced privacy challenges again and again, including the recent revelation that it has “accidentally” captured and archived intercepted wireless data with its Google Street View cars for years.
Assuming Google can be trusted not to abuse the data it has access to, and that it can be relied on to guard the data it stores from compromise by unauthorized users, that becomes a non-issue and IT administrators can focus on the benefits of the new encrypted Google search.
The most obvious benefit is that searches can’t be intercepted. But, for businesses there is another feature of the encrypted Google search which has an even more relevant and directly applicable benefit. Searches conducted via Google encrypted search are not archived in history and won’t appear in the autofill during a subsequent search.
While there may be some risk of a network sniffer or other unauthorized interception of search traffic as it crosses from your Web browser to Google and back, there is a much larger risk of intentional or inadvertent exposure of search terms or results from the history and cache data stored locally on the computer.
Searches may yield hints regarding ongoing research and development, confidential intellectual property, upcoming product or service announcements, or other sensitive information that is not intended for unauthorized consumption. Google encrypted search does not store that information, so there is no risk of someone stumbling onto it later.
The Internet Explorer 8 Web browser has an InPrivate Browsing mode which behaves similarly on the local computer. InPrivate Browsing protects the entire browsing session by not saving Web history, cookies, temporary Internet files, or other data. However, it doesn’t protect the data as it is crossing the Internet.
The beta of Google’s encrypted search only works with the core search functionality–not Images, or Videos, or Maps, etc. It also doesn’t keep the browser history clear of URL’s that are entered directly (as opposed to via a Google search). Perhaps an even more secure solution is to use the encrypted Google search from within an InPrivate Browsing session on Internet Explorer 8.
You can follow Tony on his Facebook page , or contact him by email at firstname.lastname@example.org . He also tweets as @Tony_BradleyPCW .
Follow Tech Audit on Twitter.