Google on Friday announced yet another security improvement for Chrome 25. In addition to killing silent extension installation, the omnibox in Google’s browser will send all searches over a Secure Sockets Layer (SSL) connection.
Chrome already does this for users who are signed in to Google: when they search from the address bar, their queries are sent over HTTPS. As of Chrome 25, however, the same will happen for users who aren’t signed in to Google.
We saw Google was experimenting with this feature last month, but couldn’t get the company to comment on the change. Either way, testing appears to be complete and Google is getting ready to roll out the security improvement.
For those who don’t know, Hypertext Transfer Protocol Secure (HTTPS) is a secure communications protocol. Technically, it’s not a protocol in itself: it actually consists of the SSL/TLS protocol with an HTTP layer on top.
In its announcement, Google provided a quick history lesson:
Serving content over SSL provides users with a more secure and private search experience. It helps ensure that malicious actors who might intercept people’s internet traffic can’t see their queries. Many major sites have begun serving content over SSL by default, such as Gmail in early 2010, Twitter in February 2012, and Facebook in November 2012. Search has also been moving toward encryption. Google introduced Encrypted Search in May 2010 and made encryption the default for signed-in users starting in October 2011. Firefox announced a switch to SSL for all Google searches in July 2012, and Safari did the same thing in September 2012. Chrome is continuing this trend.
The best part is undoubtedly that users shouldn’t notice a difference. We would guess there would be a slight slowdown, but Google says that searches will be slightly faster due to Chrome’s implementation of the SPDY protocol, which by the way Firefox also supports.
Image credit: Paolo Gadler