[tor-bugs] #4375 [EFF-HTTPS Everywhere]: Use https://www.google.com instead of https://encrypted.google.com
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Nov 1 16:40:57 UTC 2011
#4375: Use https://www.google.com instead of https://encrypted.google.com
-------------------------------------+--------------------------------------
Reporter: emk | Owner: pde
Type: defect | Status: closed
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Resolution: wontfix | Keywords:
Parent: | Points:
Actualpoints: |
-------------------------------------+--------------------------------------
Changes (by pde):
* status: new => closed
* resolution: => wontfix
Comment:
https://www.google.com has worse security properties than
https://encrypted.google.com, as discussed
[https://www.eff.org/deeplinks/2011/10/google-encrypts-more-searches here]
and [https://mail1.eff.org/pipermail/https-
everywhere/2011-October/001209.html here]. The functionality gap between
the two sites is small.
Unless the www.google.com domain becomes as secure as
encrypted.google.com, HTTPS Everywhere will not send searches there.
We would however consider a patch with an alternative, off-by-default
ruleset that let the user search on www. instead. I believe that is
possible with the current codebase, but might require an undocumented
dependence on the name of the alternative ruleset and the order in which
inodes in the ruleset directory are scanned in the HTTPSRules constructor.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4375#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list