How is encrypted.google.com/ different from google.com?

34    Asked by AlisonKelly in Cyber Security , Asked on Sep 23, 2022

Is there any difference between the encrypted Google search (at https://encrypted.google.com) and the ordinary HTTPS Google search (at https://google.com)?


In terms of security, what were the benefits of browsing through encrypted Google search?

Answered by ananya Pawar

According to Google, the difference is with handling referrer information when clicking on an ad.


After a note from AviD and with the help of Xander we conducted some tests and here are the results

1. Clicking on an ad:

https://google.com : Google will take you to an HTTP redirection page where they'd append your search query to the referrer information.

https://encrypted.google.com : If the advertiser uses HTTP, Google will not let the advertiser know about your query. If the advertiser uses HTTPS, they will receive the referrer information normally (including your search query).

2. Clicking on a normal search result:

https://google.com : If the website uses HTTP, Google will take you to an HTTP redirection page and will not append your search query to the referrer information. They'll only tell the website that you're coming from Google. If it uses HTTPS, it will receive referrer information normally.

https://encrypted.google.com : If the website you click in the results uses HTTP, it will have no idea where you're coming from or what your search query is. If it uses HTTPS, it will receive referrer information normally.

The same topic was covered in an EFF blog post.



Your Answer

Interviews

Parent Categories