Random Pagan Verse:
A kind word need not cost much,
The price of praise can be cheap:
With half a loaf and an empty cup
I found myself a friend,

Author Topic: Google security team Adds HSTS Support to Google.com Search Engine  (Read 317 times)

Offline mastercode (OP)

  • Global Moderator
  • Hero Member
  • *****
  • Date Registered: Jul 2014
  • Posts: 2434
  • Thanked: 8 times
  • Karma: +0/-0
    • View Profile
    • Naijacrux
Loading...

Google security team announced that they have finished implementing HSTS support for the company's main product, its vaunted search engine.
The move comes after months of testing to make sure the feature covered all the places where the search engine was featured, including APIs, not just the main website.

HSTS stands for HTTP Strict Transport Security and is a Web security protocol supported by all of today's browsers and Web servers.

HSTS protects HTTPS against several SSL attacks
The technology allows webmasters protect their service, and their users, against HTTPS downgrades, man-in-the-middle attacks, and cookie hijacking for HTTPS connections.

The protocol prevents users from going back to an HTTP connection when accessing Google over HTTPS, and forcibly redirects users to HTTPS connections as much as possible.

The technology is widely regarded as the best way to protect HTTPS connections against the most common attacks on SSL but has not been widely adopted.

95% of HTTPS websites still don't use HSTS
A study from Netcraft conducted last March showed that 95% of all servers running HTTPS either fail to set up HSTS or come with configuration errors. As such, Google's team has spent a great amount of time testing.

"Ordinarily, implementing HSTS is a relatively basic process," Google's Jay Brown, Sr. Technical Program Manager explained Friday. "However, due to Google's particular complexities, we needed to do some extra prep work that most other domains wouldn't have needed to do. For example, we had to address mixed content, bad HREFs, redirects to HTTP, and other issues like updating legacy services which could cause problems for users as they try to access our core domain."

During HSTS tests, Brown says that the team managed to break Google's famous Santa Tracker last December. The problem was fixed, but this only comes to show the wide spectrum of products the engineers had to ensure were working properly after HSTS deployment.




 

 

Microsoft Update Bing for Search with major features

Started by bellanaija

Replies: 0
Views: 8203
Last post August 08, 2018, 02:46:06 AM
by bellanaija
Mozilla Firefox Adds a New Sidebar for Viewing Synced Tabs

Started by internet police

Replies: 0
Views: 302
Last post February 08, 2016, 10:08:52 AM
by internet police
Google's parent company 'Alphabet' Becomes Most Valuable Company in the World

Started by mastercode

Replies: 0
Views: 354
Last post February 02, 2016, 01:55:21 PM
by mastercode
Google Maps Updated With WiFi Only Mode and Offline Maps to SD Cards Features

Started by yungcrux

Replies: 0
Views: 343
Last post August 10, 2016, 07:07:46 AM
by yungcrux
Google, Facebook & Twitter sues by Paris attack victim for spreading ‘propaganda

Started by yungcrux

Replies: 0
Views: 320
Last post June 16, 2016, 12:39:35 PM
by yungcrux
Google removed Many Android apps from Play Store for promising social followers

Started by internet police

Replies: 0
Views: 496
Last post July 15, 2016, 02:25:58 AM
by internet police
Google Acquires Swedish Limes Audio for Improving Voice Quality in Hangouts

Started by newspostng

Replies: 0
Views: 430
Last post January 09, 2017, 12:39:48 AM
by newspostng
Google shares rise after online ad sales pushed revenue higher

Started by internet police

Replies: 0
Views: 484
Last post April 24, 2015, 07:57:32 PM
by internet police
Google Updates Android,Ios&desktop Maps with Areas of Interest and Cleaner Look

Started by yungcrux

Replies: 0
Views: 252
Last post July 27, 2016, 05:52:43 AM
by yungcrux
Google and Samsung Give Users a Good Reason to dump Windows 10

Started by yungcrux

Replies: 0
Views: 424
Last post January 06, 2017, 01:20:42 AM
by yungcrux