Google today said that it’s now automatically re-routing HTTP web requests for pages on the www.google.com domain through the more secure HTTPS protocol. The “S” at the end stands for “secure,” and it means your connection between your computer and Google is encrypted — more directly, this protects you from man-in-the-middle attacks and other hacks.
This move does not only affect Google searches. There’s a whole lot of services available from the www.google.com domain, including Google Alerts, Google Flights, Google Maps, Google Trends, and Google Voice. Google Search and Google Maps both have more than 1 billion active users.
[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":2017030,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,dev,security,","session":"D"}']To make this shift, Google is using the HTTP Strict Transport Security (HSTS) standard.
“HSTS prevents people from accidentally navigating to HTTP URLs by automatically converting insecure HTTP URLs into secure HTTPS URLs,” Jay Brown, senior technical program manager for security at Google, wrote in a blog post. “Users might navigate to these HTTP URLs by manually typing a protocol-less or HTTP URL in the address bar, or by following HTTP links from other websites.”
AI Weekly
The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.
Included with VentureBeat Insider and VentureBeat VIP memberships.
Google is doing this a few months after it announced that its search engine had started to index HTTPS pages by default. At the time Google suggested that webmasters start using HSTS, and now Google is doing just that for its own core domain.
Last year Microsoft started using HTTPS encryption by default for Bing.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More