HTTPS as a ranking signal
 

What the...... is wrong with Google now?

http://googlewebmastercentral.blogsp...ng-signal.html

Well that sucks monkey balls.

So what will that cost me for every site I have?

At least I can make money on clients updates.

Google has to be destroyed... Too much crap from them this year.

Nothing wrong in here, unless it means that every fucking page has to be https, or use it on sites, those really don't need it (well, you can always secure admin area with it).


EDIT: They mean securing every fucking page online. What about the famous "speed"? SSL makes pages slow down inevitably and seriously.

:error:helpme

This is actually quite funny. Who could potentially gather data from your internet behaviour? There is not much entities: Google, government, some ad networks. Does this HTTPS prevent them from gathering data: no.

Good point, aka123...

Google algo on steroids

they keep surprising me...

And another thread that highlights just how out of touch with the web most GFYers are.

The internet is controlled by business & crime really, not by government. The new world order is allowing this, because they know business will inevitably fuck it up by getting greedy and fucking to many people over for to much. The masses will be BEGGING for one world governmental entity to control the internet. :2 cents:

In the end, probably 10-20 years from now, lose your SSL certificate and be taken off the internet.

Soon certificates will cost $5.

LOL. Internet is already controlled with numerous laws and with means to enforce those laws. There is no need for some "world government" to start doing that, as it's already being done. But if you mean "controlling" like mommy holding child from the hand, I don't think so, unless they "upgrade" you to robot.

Maybe you should be worried about the fact that you have very good chances of having a parasite, that really does control your behaviour (not robot like). About 30-60 % of world population has it.

I'm not worried. Things are always changing. This is an indication of us heading in a particular direction at a slightly accelerated pace.

.

And this is where they are crossing the line. Now they are openly admitting to penalizing pages arbitrarily to advance their own agendas unrelated to quality factors. It's not Google's position to FORCE people to adopt a certain technology under the threat of penalizing them with financial implications. What's next? In two years will they be pushing their own proprietary technologies?

They already do: Google plus for example.

Although Google explains these actions as a means to provide the most value for user (like the speed thing). And they are at least partially correct in that, but maybe they should ask from the users what brings value to them, instead of deciding for them.

Google forcefully creating extra demand for the SSL certificate issuing business.

In John Mueller's replies to his blog post linked by the OP he gives a clear indication of the particular path they are going to take, and the particular type of high end encryption they will require at some point. Google acquires an average of 10 patents a day (source)

"Google says it now controls more than 51,000 patents and patents pending." (source)

Find the ones related to SSL & beyond, that's where it's headed.

Just a hint :winkwink:

and of course a self signed certificate wont work

:1orglaugh:thumbsup:Oh crap

No they don't. They were actually caught trying to snoop Google's data as it was transferring from network to network, so they also encrypted that.

HTTPS is good. Stop being a fucking cheap ass and spend and extra $10/yr on your fucking business.

You're being ignorant. The costs can be far higher than $10. There are many technologies which do not work with https. For example my varnishd set up does not work with it. Getting rid of it means at least 70% more resources and higher costs for server fees in my case. And for what? There is nothing on the sites which require this degree of privacy or security.

Sure, MR. Cheap, Browser-shrowser. What if you run hundreds of sites? What then? It's not $10... add some zeros and then come back and talk again... As signupdamnit said, especially on sites which do not even require it.

You can get Varnish and HTTPS to work nicely together. Hire someone who knows what they're doing if you can't.

Then you fail to understand the usefulness of HTTPS.

It's good to know when one is being handed their hat

Sure... :1orglaugh

HTTPS is overhyped. It relies on the SSL certificate system which is flawed by design.

Let me explain.
The browsers have a list of root certificates which it trust. These root certificates are from certificate authorities.

Many people believe that they are safe - as long as they buy an expensive certificate from a costly high-end certificate authority with a good reputation.

The problem is that the browsers will trust the authenticity of a certificate as long as it is verified by any root authority. It means that if only one root certificate is compromised - then all certificates are compromised, also those certificates which were issued by other root authorities.

For example if some malware adds a fake root certificate to your browser, then all communication with HTTPS-protected sites is vulnerable to man-in-the-middle attacks.

So the "security" in SSL is way overhyped.

I think the real motivation behind Google's move is to force website owners to use certificates. That would give more turnover for the certificate authorities and it would also reduce privacy for website owners.

Oh noes... My heart is bleeding...

probably they (Google) got angry after this slide and its smiley :1orglaugh:1orglaugh
http://www.newyorker.com/wp-content/...y-face-580.jpg

$7.99/yr is "expensive"? You're in the wrong business, kiddo.

That could be pricey for some large network owners (500+ blogs)

You conveniently forgot this part:

I ignored it because of how stupid it is.

Please read a book about how SSL actually works before opening your ignorant mouth, "kiddo". :winkwink:

Depends what is your income (relative cost), but the fixed sum doesn't change anyway.
But Google might actually try to smoke out these kind of networks, especially if the added value per blog is low (like it probably is). Of course you can decide not to get the SSL, there is no way how Google could force into that, as you are the webmaster, not Google.

Is that you JohnyClips ?

I know how SSL works, doesn't make your sentence any less dumb.

It's never too late to learn something new. Here you go :winkwink:
http://nakedsecurity.sophos.com/2010...hoqp-verisign/

Also..
http://nakedsecurity.sophos.com/2011...-who-we-trust/

https://www.varnish-cache.org/docs/trunk/phk/ssl.html

At best you forward it to Apache or to another server. Which defeats the purpose of running varnish in the first place.

2011 was a good year. Aaaaah back in the day

Yeah and even if your server does support HTTPS performance will be slowed when streaming video. Handing off video and/or lots of images to the cloud will increase your performance. All part of the plan ;)

Your article doesn't address the issue of root authorities - and their associated problems. Please read the 2 links I posted. They explain the problems with the SSL system.

I smell google ssl certs on the horizon.

Dude, look at the bigger picture.

Maybe connected to the Google+ account?

Got a few SSL on some mainstream sites along with malware scanners that don't really need them but more of a confidence booster to help make the sale. Luckily found a pretty cheap source for them so doesn't hurt the wallet as much as it could.

I'm betting this has to do with wanting to switch to ipv6 more then anything.

So they can get everyone tracked down to an ip.