Questioning Google’s motives re the push to HTTPS
Posted on Twitter this morning:
Tech journalists: Have you questioned the wisdom of Google/EFF/Mozilla push to shrink the web to only sites that support HTTPS?
I don’t understand why Google et al are doing this, and I think we should all be involved in this decision, esp journalists. I expect the tech press to be leading here. But so far no one has been willing to look. I’ve been more or less alone in questioning the idea.
To think that people who set up blogging servers can jump through this hoop, no one can be so naive to think that won’t hurt the open web. For what benefit? Please don’t recite the standard talking points, I’ve heard them all before many times.
There’s no doubt it will serve to crush the independent web, to the extent that it still exists. It will only serve to drive bloggers into the silos. Perhaps that’s the real motive for Google et al.
Google did this before, with RSS, the loop is closed on that. So to assume their motives are good, or that they’re competent to make these choices for us, is not true. They are a company. A very large one, and they behave like one.
Update at 1PM
A former exec at one of Google’s competitors explained what is possibly their real motive. Google doesn’t want its competitors to write bots that scrape their search engine.
So why not just encrypt all access to google.com? I asked.
Because bits of Google code are embedded in other people’s pages. Google Analytics, YouTube, maps. I immediately understood. The way HTTPS works, if any component of a page is not secure then all other accesses are not.
I guess that means that google.com still has to be ready to handle unsecure requests, because some pages include references to it.