Jump to content

Is Google's Promotion of HTTPS Misguided?


steven36

Recommended Posts

What is this?#  I've been writing about Google's efforts to deprecate HTTP, the protocol of the web. This is a summary of why I am opposed to it. DW

 

https://s7d1.turboimg.net/sp/16bcf51e6606acfbde058690f63e92ba/google-loves-https.jpg

 

      • Something bad could happen to my pages in transit from a server to the user's web browser.
      • It's not hard to convert to HTTPS and it doesn't cost a lot.
      • Google is going to warn people about my site being "not secure." So if I don't want people to be scared away, I should just do what they want me to do.
 
 
    • The web is an open platform, not a corporate platform.
    • It is defined by its stability. 25-plus years and it's still going strong.
    • Google is a guest on the web, as we all are. Guests don't make the rules.
 
    • A lot of the web consists of archives. Files put in places that no one maintains. They just work. There's no one there to do the work that Google wants all sites to do. And some people have large numbers of domains and sub-domains hosted on all kinds of software Google never thought about. Places where the work required to convert wouldn't be justified by the possible benefit. The reason there's so much diversity is that the web is an open thing, it was never owned.
 
    • Google has spent a lot of effort to convince you that HTTP is not good. Let me have the floor for a moment to tell you why HTTP is the best thing ever.
    • Its simplicity is what made the web work. It created an explosion of new applications. It may be hard to believe that there was a time when Amazon, Netflix, Facebook, Gmail, Twitter etc didn't exist. That was because the networking standards prior to the web were complicated and not well documented. The explosion happened because the web is simple. Where earlier protocols were hard to build on, the web is easy.
    • I don't think the explosion is over. I want to make it easier and easier for people to run their own web servers. Google is doing what the programming priesthood always does, building the barrier to entry higher, making things more complicated, giving themselves an exclusive. This means only super nerds will be able to put up sites. And we will lose a lot of sites that were quickly posted on a whim, over the 25 years the web has existed, by people that didn't fully understand what they were doing. That's also the glory of the web. Fumbling around in the dark actually gets you somewhere. In worlds created by corporate programmers, it's often impossible to find your way around, by design.
    • The web is a social agreement not to break things. It's served us for 25 years. I don't want to give it up because a bunch of nerds at Google think they know best.
    • The web is like the Grand Canyon. It's a big natural thing, a resource, an inspiration, and like the canyon it deserves our protection. It's a place of experimentation and learning. It's also useful for big corporate websites like Google. All views of the web are important, especially ones that big companies don't understand or respect. It's how progress happens in technology.
    • Keeping the web running simple is as important as net neutrality.
 
    • Google makes a popular browser and is a tech industry leader. They can, they believe, encircle the web, and at first warn users as they access HTTP content. Very likely they will do more, requiring the user to consent to open a page, and then to block the pages outright.
 
    • Many of the sites they will label as "not secure" don't ask the user for any information. Of course users won't understand that. Many will take the warning seriously and hit the Back button, having no idea why they're doing it. Of course Google knows this. It's the kind of nasty political tactic we expect from corrupt political leaders, not leading tech companies.
 
    • They tell us to worry about man-in-the-middle attacks that might modify content, but fail to mention that they can do it in the browser, even if you use a "secure" protocol. They are the one entity you must trust above all. No way around it.
 
    • When they say some percentage of web traffic is HTTPS, that doesn't measure the scope of the problem. A lot of HTTP-served sites get very few hits, yet still have valuable ideas and must be preserved.
 
    • If Google succeeds, it will make a lot of the web's history inaccessible. People put stuff on the web precisely so it would be preserved over time. That's why it's important that no one has the power to change what the web is.
    • It's like a massive book burning, at a much bigger scale than ever done before.
 
    • Why force people to do it? This suggests that the main benefit is for Google, not for people who own the content. If it were such a pressing problem we'd do it because we want to, not because we're being forced to.
 
    • Finally, what is the value in being safe?
    • Twitter and Facebook are like AOL in the old pre-web days. They are run by companies who are committed to provide a safe experience. They make tradeoffs for that. Limited linking. No styles. Character limits. Blocking, muting, reporting, norms. Etc etc. Think of them as Disney-like experiences.
    • The web is not safe. That is correct. We don't want every place to be safe. So people can be wild and experiment and try out new ideas. It's why the web has been the proving ground for so much incredible stuff over its history.
    • Lots of things aren't safe. Crossing the street. Bike riding in Manhattan. Falling in love. We do them anyway. You can't be safe all the time. Life itself isn't safe.
    • If Google succeeds in making the web controlled and bland, we'll just have to reinvent the web outside of Google's sphere. Let's save some time, and create the new web out of the web itself.
    • PS: Of course we want parts of the web to be safe. Banking websites, for example. But my blog archive from 2001? Really there's no need for special provisions there.
 
    • On June 20, 2018, I got an email from Google, as the owner of scripting.com.
    • According to the email I should "migrate to HTTPS to avoid triggering the new warning on your site and to help protect users' data."
    • It's a blog. I don't ask for any user data.
    • Google’s not secure message means this: “Google tried to take control of the open web and this site said no.”
 
Last update: Tuesday June 26, 2018; 2:11 PM GMT+0200.
 
Link to comment
Share on other sites

  • Replies 10
  • Views 1.2k
  • Created
  • Last Reply

Besides that change is really annoying for some websites, using a HTTPS is more secure and reliable :) 

Link to comment
Share on other sites

  • Administrator

While I think the author is wrong about some things, but someone needed to tell Google about it.

 

I personally feel Google is not misguided, it's unkind and unfairly stern. There are many sites that have reasons for not switching to HTTPS. Some have scripting issues, some have certificate issues, some have server side issues. If you are going to penalize those sites then you are not doing the right thing.

 

Also, it's wrong for the author to think Google cannot write rules. They can. I will like to remind everyone that Google is part of many groups that work for and the better of the internet. Those groups which Google and some of them even Mozilla are part of, are responsible for the majority of changes that have been made to internet and browsers in recent times, something which Google is actively part of. So they cannot say Google cannot write rules, as it's doing that from years now.

 

HTTPS is certainly good. But a line needs to be drawn to stop too much enforcing of it.

Link to comment
Share on other sites

3 hours ago, DKT27 said:

it's wrong for the author to think Google cannot write rules. They can.

We will see how much they write the rules when they get brought down to there knees  for being a monopoly just like Microsoft was. If it was not for the EU  suing M$ most likely you would still be using IE instead of Firefox or Chrome.  Google became famous using Windows and M$ misfortune then  monopolized Android   .. July is here and this is the month the EU is set to push another record breaking fine on  Google for forcing its products on Android the very same thing that brought M$ to its knees and the reason Google got ahead of them to begin with.      Google does not write the rules . Each  World Government does and this is not 2017 anymore the internet rules have changed all over Europe and there starting too in the US  as well.  Google has no power but the power to be fined billions of dollars for overreaching there boundaries .

 

Tech Companies  dont write laws  they can only bribe politicians  to make sure no laws get passed that cause them problems, but sooner or latter the wrong people gets in and there luck runs out.  There not even in good graces with the US Government right now for refusing Government contracts and the EU never has liked them. 

Link to comment
Share on other sites

2 hours ago, DKT27 said:

HTTPS is certainly good. But a line needs to be drawn to stop too much enforcing of it.

 

Happily, Nsane use HTTPS :) 

Link to comment
Share on other sites

4 minutes ago, Archanus said:

 

Happily, Nsane use HTTPS :) 

Nsane uses HTTPS but as soon as you go down in a post it's no longer secure. Even though i use only https images  and i see post that dont have no images say its unsecured . Https don't protect you no how  all them https sites incl Google  have been hacked a million times . And if they allow 3rd parties on there network like they all do too collect you're data like Facebook is in hot water for they even knowingly allow man in the middle attacks.

https://s7d1.turboimg.net/sp/743256999eb5b76ec598dfade5dc3065/8990.png

 

Link to comment
Share on other sites

1 minute ago, steven36 said:

Nsane uses HTTPS but as soon as you go down in a post it's no longer secure. Even though i use only https images  and i see post that dont have no images say its unsecured . Https don't protect you no how  all them https sites incl Google  have been hacked a million times . And if they allow 3rd parties on there network like they all do too collect you're data like Facebook is in hot water for they even knowingly allow man in the middle attacks.

 

Thanks for the great info dear bro :) I will take care :) 

Link to comment
Share on other sites

24 minutes ago, Archanus said:

 

Thanks for the great info dear bro :) I will take care :) 

Get yourself  a good vpn  that way all you're data is encrypted at a much higher level than the WWW  has  for ssl regardless if a site is https or not. Still  many sites i visit do not have it and very few sites that even have it  use it  were data dont leak out.  The flags  at this site

-http://www.nsaneforums.com/uploads/flagz/Pirate.gif   using http still for one thing,  all it takes is for something or someone to post http  images and the page becomes unsecured.

Link to comment
Share on other sites

26 minutes ago, steven36 said:

Get yourself  a good vpn  that way all you're data is encrypted at a much higher level than the WWW  has  for ssl regardless if a site is https or not. Still  many sites i visit do not have it and very few sites that even have it  use it  were data dont leak out.  The flags  at this site

-http://www.nsaneforums.com/uploads/flagz/Pirate.gif   using http still for one thing,  all it takes is for something or someone to post http  images and the page becomes unsecured.

 

Thanks dear bro :) .. So, what VPN software you recommend me?? :) Hotspot Shield??? 

Link to comment
Share on other sites

  • Administrator
2 hours ago, steven36 said:

We will see how much they write the rules when they get brought down to there knees  for being a monopoly just like Microsoft was. If it was not for the EU  suing M$ most likely you would still be using IE instead of Firefox or Chrome.  Google became famous using Windows and M$ misfortune then  monopolized Android   .. July is here and this is the month the EU is set to push another record breaking fine on  Google for forcing its products on Android the very same thing that brought M$ to its knees and the reason Google got ahead of them to begin with.      Google does not write the rules . Each  World Government does and this is not 2017 anymore the internet rules have changed all over Europe and there starting too in the US  as well.  Google has no power but the power to be fined billions of dollars for overreaching there boundaries .

 

Tech Companies  dont write laws  they can only bribe politicians  to make sure no laws get passed that cause them problems, but sooner or latter the wrong people gets in and there luck runs out.  There not even in good graces with the US Government right now for refusing Government contracts and the EU never has liked them. 

 

My views is that rules and standards are being written from years and Google is an active participant of it. Let us be honest, Google has done a lot of good and a lot of bad to the internet.

 

1 hour ago, steven36 said:

Nsane uses HTTPS but as soon as you go down in a post it's no longer secure. Even though i use only https images  and i see post that dont have no images say its unsecured . Https don't protect you no how  all them https sites incl Google  have been hacked a million times . And if they allow 3rd parties on there network like they all do too collect you're data like Facebook is in hot water for they even knowingly allow man in the middle attacks.

 

16

 

We are currently working on it. We can force all the links to be HTTPS, but that will cause problems to users who do not want to use HTTPS there.

Link to comment
Share on other sites

12 hours ago, DKT27 said:

My views is that rules and standards are being written from years and Google is an active participant of it. Let us be honest, Google has done a lot of good and a lot of bad to the internet.

The internet worked just fine for me before i ever used Google and the way they censor there search engine nowadays  its pretty useless to me and i use others more. Bing is even better than Google Search ... Before there was a Gmail there was a Yahoo ,AOL mail etc. When i 1st used Gmail it was beta invite only and i dont use it no more since 2011  only US mail I have is Zoho Mail  all my other emails are  non US based. Before there was a Chrome there was a Opera and a Firefox and I never liked Chrome , Been a Firefox user since 2006 when i switched from  IE.  Before there was and Android there was and IOS smartphone  . They didn't invent nothing that  was not already invented by someone else already  1st. They reinvented the wheel a 100 times is all  and since they are and ad company more than anything else , they had the  best advertising  campaigns to get people to switch too there products., Does it make there products any better ?

 

No they just sold  people on them  better like a TV commercial sells a  toy to a  kids parents when a kid sees it,  and I'm building  my internet around Google as much as possible they have nothing i need and anything they have can be replaced .  After the EU gets done suing Google maybe we will have forks of Android were non Google users can enjoy it without the fear of being spied on. I'm sorry but i cant agree with you on this because anything that is being a monopoly stagnates technology were new companies don't even have a chance and they try too write the rules were no one will be able to compete  with them . Because everything they do has billions of dollars backing them something a small business just getting started out don't have yet.  Before the  internet  and  Google , Microsoft. Facebook  and Apple the big monopolies were AT&T and Bell  what goes up must come down.

 

Google don't carry my internet even, they have internet but only in very few places they have it,  because they want put it no where that they know wont bring them loads of money , in 2018 they passed laws in the USA were the ISPs now have just as much power as Big Tech does now..  The whole fake Net Neutrality bill was designed to protect Big Tech form the ISPs it was never to protect the consumer. It being repealed only hurts Big Tech and alows the ISPs to  have the same rights they have and be able to compete against them  . The  consumer will most likely never notice it unless it's in a positive way like faster internet in rural areas. Anything that any company has that is very useful to me cost money unless it's open source. They can keep there adware infected stuff id rather pay than look at ads. But even if you don't have any money and use proprietary freeware and services  you are paying with you're privacy  and that's what those new laws in the EU are about it's you're choice you can always use a open source alternative for most things and pay or used warez for the rest .  It's like Netfilx  I'm not going to pay for that  but i see it as a useful service for some, but i already pay for Direct TV witch i can use online and offline so why would i want to pay extra for that?     :P

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...