Why does google want us to be on https ?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • KillerK
    Confirmed User
    • May 2008
    • 3406

    #1

    Why does google want us to be on https ?

    Can someone please share why they want us to be https?
  • pornmasta
    Too lazy to set a custom title
    • Jun 2006
    • 20016

    #2
    Originally posted by KillerK
    Can someone please share why they want us to be https?
    because the nsa can handle its decryption but not its competitors

    Comment

    • sandman!
      Icq: 14420613
      • Mar 2001
      • 15431

      #3


      Originally posted by pornmasta
      because the nsa can handle its decryption but not its competitors
      Need WebHosting ? Email me for some great deals [email protected]

      Comment

      • Barry-xlovecam
        It's 42
        • Jun 2010
        • 18083

        #4
        To eliminate all of the thin content sites that cannot afford the expense and effort to install HTTPS (TLS) certs.

        HTTPS is worthless on 90% of websites -- they are not interactive or used in personal data processing ... Header requests (creating user logs) are made in plaintext to HTTPS addresses.

        If fully implemented, they will have to find something else for Matt Cutts to do

        Comment

        • PaperstreetWinston
          Confirmed User
          • Jan 2014
          • 2604

          #5
          Originally posted by pornmasta
          because the nsa can handle its decryption but not its competitors
          like he said
          Winston
          Affiliate Support
          PaperstreetCash MYLFMoney Charger Cash

          Skype: mikrocosmos1
          Email: [email protected]

          Comment

          • Arnox
            Confirmed User
            • Sep 2009
            • 2169

            #6
            Originally posted by Barry-xlovecam
            To eliminate all of the thin content sites that cannot afford the expense and effort to install HTTPS (TLS) certs.

            HTTPS is worthless on 90% of websites -- they are not interactive or used in personal data processing ... Header requests (creating user logs) are made in plaintext to HTTPS addresses.

            If fully implemented, they will have to find something else for Matt Cutts to do
            I don't think Matty boi has been at G for a year or so now.
            Need Text? X Copywriters | Adult Writing Service - [email protected]

            Comment

            • PAR
              Confirmed User
              • May 2005
              • 1835

              #7
              Originally posted by Arnox
              I don't think Matty boi has been at G for a year or so now.
              https://www.mattcutts.com/blog/on-leave/

              He is still with google, he did take a "leave" but is still with google..

              I'm not sure the full goal behind google and HTTPS...

              I have read that it is to mane the internet a little more secure, but with a growing popularity of HTTPS. It has led to HTTPS becoming a chosen vector for malware attacks.
              In other words, the secure socket layer is no more secure.

              Comment

              • Barry-xlovecam
                It's 42
                • Jun 2010
                • 18083

                #8
                Matt's just wearing Google clown shoes ...

                But this HTTPS reasoning is faulty at face level ...

                Comment

                • KaliC
                  Sexy Beast
                  • Jan 2005
                  • 617

                  #9
                  I would wait a couple months before putting any weight in this.
                  AdultWebHosting.com

                  Comment

                  • Freedom6995
                    Friends of Venus founder
                    • Jul 2010
                    • 1975

                    #10
                    Originally posted by Barry-xlovecam
                    To eliminate all of the thin content sites that cannot afford the expense and effort to install HTTPS (TLS) certs.

                    HTTPS is worthless on 90% of websites -- they are not interactive or used in personal data processing ... Header requests (creating user logs) are made in plaintext to HTTPS addresses.

                    If fully implemented, they will have to find something else for Matt Cutts to do
                    Free certs here https://www.eff.org/deeplinks/2014/1...ypt-entire-web

                    Comment

                    • seeandsee
                      Check SIG!
                      • Mar 2006
                      • 50945

                      #11
                      NSA want to be only to access that communication, end
                      BUY MY SIG - 50$/Year

                      Contact here

                      Comment

                      • Barry-xlovecam
                        It's 42
                        • Jun 2010
                        • 18083

                        #12
                        Originally posted by Freedom6995
                        Tell that to people that operate over 1000 domain networks.

                        [i]ncluding account hijacking and identity theft; surveillance and tracking by governments, companies, and both in concert; injection of malicious scripts into pages; and censorship that targets specific keywords or specific pages on sites....
                        That's mostly a crock of shit ... HTTPS (TLS) just encrypts data -- it doesn't change or filter data -- just encrypts the data from the browser to the server and back to the browser from the server. If an embedded iframe with an exploit is on a HTTPS server it will not raise an HTTPS exception -- both servers are HTTPS and a registered HTTPS Cert exists within a browser recognized issuing repository.

                        So, the "villains" fake register their domains and get their certs (for free!!!) YEAH! we are safe - LMFAO.

                        Will these free certs be *.wildcard certs or domain specific? All sub domains (including mail, ftp, www) are considered separate domains for HTTPS certs, unless the are wildcarded and each certificate has to be installed on the server. The certs need to be re-installed on upgraded (not updated) server os installs.

                        Also, the NSA has reportedly broken HTTPS encryption
                        NSA-Documents: Attacks on VPN, SSL, TLS, SSH, Tor - SPIEGEL ONLINE

                        This whole HTTPS thing is a Google scam and maybe a NSA trap ...

                        Comment

                        • PAR
                          Confirmed User
                          • May 2005
                          • 1835

                          #13
                          Originally posted by Barry-xlovecam
                          Tell that to people that operate over 1000 domain networks.



                          That's mostly a crock of shit ... HTTPS (TLS) just encrypts data -- it doesn't change or filter data -- just encrypts the data from the browser to the server and back to the browser from the server. If an embedded iframe with an exploit is on a HTTPS server it will not raise an HTTPS exception -- both servers are HTTPS and a registered HTTPS Cert exists within a browser recognized issuing repository.

                          So, the "villains" fake register their domains and get their certs (for free!!!) YEAH! we are safe - LMFAO.

                          Will these free certs be *.wildcard certs or domain specific? All sub domains (including mail, ftp, www) are considered separate domains for HTTPS certs, unless the are wildcarded and each certificate has to be installed on the server. The certs need to be re-installed on upgraded (not updated) server os installs.

                          Also, the NSA has reportedly broken HTTPS encryption
                          NSA-Documents: Attacks on VPN, SSL, TLS, SSH, Tor - SPIEGEL ONLINE

                          This whole HTTPS thing is a Google scam and maybe a NSA trap ...
                          All true, if it wasn't then the current tread in malware to target https would not even be possible.
                          As for the NSA, also true, They also have their hands on a new quantum computer that in a few years in theory would be able to unlock just about anything...

                          Comment

                          • KaliC
                            Sexy Beast
                            • Jan 2005
                            • 617

                            #14
                            Originally posted by PAR
                            All true, if it wasn't then the current tread in malware to target https would not even be possible.
                            As for the NSA, also true, They also have their hands on a new quantum computer that in a few years in theory would be able to unlock just about anything...
                            I never understood this, most security blocks any systems trying to crack a password. Not matter how much power if the IP is blocked after 5 fails and there is a million differant options that would take a 200k IPs.
                            AdultWebHosting.com

                            Comment

                            • fappingJack
                              So Fucking Banned
                              • Dec 2014
                              • 2172

                              #15
                              Nice discussion following this thanks

                              Comment

                              • Barry-xlovecam
                                It's 42
                                • Jun 2010
                                • 18083

                                #16
                                Originally posted by KaliC
                                I never understood this, most security blocks any systems trying to crack a password. Not matter how much power if the IP is blocked after 5 fails and there is a million differant options that would take a 200k IPs.
                                The traffic (packets) is intercepted and stored to be encrypted before they reach the destination server -- then the process could be reversed intercepting the traffic (packets) containing the response to the client.

                                Security software on a server would be meaningless -- this is not a password cracking attack -- it is a traffic (packets) interception.

                                Anyone sophisticated would just encrypt text communications with very long random passwords. So, either terrorists and criminals are very stupid or a lot of this is intentional disinformation leaked. There are inconsistancies

                                from http://www.spiegel.de/media/media-35534.pdf
                                Code:
                                %PDF-1.3
                                %âãÏÓ
                                1 0 obj
                                <<>>
                                endobj
                                2 0 obj
                                <</Pages 3 0 R /Type /Catalog>>
                                endobj
                                3 0 obj
                                <</Count 16 /Kids
                                  [4 0 R 9 0 R 14 0 R 19 0 R 24 0 R 29 0 R 34 0 R 39 0 R 44 0 R 49 0 R
                                  54 0 R 59 0 R 64 0 R 69 0 R 74 0 R 79 0 R]
                                  /Type /Pages>>
                                endobj
                                
                                VIM - Vi IMproved
                                version 7.4.52
                                by Bram Moolenaar et al.
                                Modified by [email protected]
                                Vim is open source and freely distributable
                                History Documentation of PDF version 1.3 was published in July 2000 in association with the release of Acrobat version 4. PDF 1.4 was published in November 2001, and corresponds to Acrobat version 5.

                                PDF_1_3, PDF Versions 1.0-1.3
                                So, we are to believe that this document was made on Acrobat 4 on February, 2012 (the date is 1/2 horizontally obscured)? Does that all seem a little strange to you? This raises a lot of red flags with me.

                                I have found other inconsistencies in some of these Snowden leaked documents so far too. I am skeptical of all of this from what i have seen ...

                                Comment

                                • TobySwan
                                  Registered User
                                  • Jan 2015
                                  • 91

                                  #17
                                  wait abit before worrying about it
                                  tobyswan
                                  CSS3 | HTML5 | Design | Wordpress | Tubes

                                  ICQ: 677-971-646
                                  E: [email protected]
                                  SKYPE: toby.swan1


                                  Comment

                                  • slapass
                                    Too lazy to set a custom title
                                    • Nov 2002
                                    • 14625

                                    #18
                                    So did this go away?

                                    Comment

                                    • DraX
                                      Confirmed User
                                      • Oct 2002
                                      • 7147

                                      #19
                                      So what's the future deal of this, should you get HTTPS on your site even though you don't need it technology wise?

                                      Yes it's a question, im wondering....

                                      Is there really any favors google wise? If there's not, then this can be thrown in the toilet as long as you don't run a shopping website or any other kind of site that SHOULD have the encryption.

                                      Yes that's my 2nd question.
                                      Deposit Today With BTC - Play With Bitcoins

                                      Comment

                                      • Harmon
                                        ( ͡ʘ╭͜ʖ╮͡ʘ)
                                        • Mar 2004
                                        • 20012

                                        #20
                                        Originally posted by KaliC
                                        I would wait a couple months before putting any weight in this.
                                        I wouldn't.

                                        Make your sites responsive. Get your certificate. Shit is about to hit the fan. get in early, profit. Trust is huge to the end user. Google knows that. This will make the end user trust Google even more. Their results will all be SSL. Given time? The surfer will realize that they shouldn't trust a site without it.

                                        Google WILL make a PR when they are ready to go whole hog. It will NOT be on Baddog's website, nor GFY. They will educate the consumer about information exchange. It doesn't matter if you have a signup form or not. They want EVERY page to be that way. I kind of like it.

                                        Don't come back to this thread saying I didn't tell you so.
                                        [email protected]

                                        Comment

                                        • CPA-Rush
                                          small trip to underworld
                                          • Mar 2012
                                          • 4927

                                          #21
                                          to protect you more against middle man attacks

                                          automatic exchange - paxum , bitcoin,pm, payza

                                          . daizzzy signbucks caution will black-hat black-hat your traffic

                                          ignored forever :zuzana designs

                                          Comment

                                          • anexsia
                                            Confirmed User
                                            • May 2010
                                            • 5735

                                            #22
                                            Originally posted by Barry-xlovecam
                                            To eliminate all of the thin content sites that cannot afford the expense and effort to install HTTPS (TLS) certs.
                                            Services like Cloudflare offer free SSL and a new service by the EFF will be offering free certs this summer...not to mention you can also buy certs for $4/year.

                                            Comment

                                            • klinton
                                              So Fucking Banned
                                              • Apr 2003
                                              • 8766

                                              #23
                                              if you would read this article carefuly, you would know that mostly attacks on encryption are "succesfull" because of : a) stolen keys b) wrong implementation c) man in the middle

                                              nothing more, mathematic still works

                                              Originally posted by Barry-xlovecam
                                              Also, the NSA has reportedly broken HTTPS encryption
                                              NSA-Documents: Attacks on VPN, SSL, TLS, SSH, Tor - SPIEGEL ONLINE

                                              This whole HTTPS thing is a Google scam and maybe a NSA trap ...

                                              Comment

                                              • AdultKing
                                                Raise Your Weapon
                                                • Jun 2003
                                                • 15601

                                                #24
                                                Originally posted by Harmon
                                                Make your sites responsive. Get your certificate. Shit is about to hit the fan. get in early, profit. Trust is huge to the end user. Google knows that. This will make the end user trust Google even more. Their results will all be SSL. Given time? The surfer will realize that they shouldn't trust a site without it.



                                                Precisely.

                                                The two most urgent things that old school webmasters need to do is update their sites to be responsive and implement SSL.

                                                Implementing SSL is not difficult and you don't even have to get a certificate, just use Cloudflare.

                                                Mobile is big now and it's getting bigger all the time. Some of my sites have more than 65% of visitors coming on mobile devices. People really need to get their sites updated. I know I still have dozens of legacy sites which aren't mobile friendly, they'll suffer as a result.

                                                Comment

                                                Working...