Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

My guess is that a significant portion of business website technical infrastructure has some dependence on being able to access the search terms. Tons of commerce websites would scream if they lost this information.

It's probably a complicated web of business relationships and strategies that is the answer for why Google would be reluctant to make such a change. It would cause a lot of upheaval and potentially ill will from companies affected by the change.

It would be an extremely bold move by Google to make to prevent search leakage by default. Does Google believe that encrypted.google.com appeases the users who are concerned? Does Google believe that it is only a minority of users that are concerned?



I have a gut feeling that google should be on the side of the users in this case, not the websites. Even if the users 'don't care' it's mostly because they are not aware of issues like this.

Typically someone that types a query in to a searchbox on www.google.com thinks they are having a conversation with google, not with all of the potential links they'll click after having completed their query.

Try explaining to a few non-computer literate people what happens behind the scenes when you do something as simple as a keyword search, most of them will have their eyes solidly glazed over long before you get to the HTTP_REFERER header.


Nothing against what you've said but search terms are hardly my bank account details, I'm well aware that they are being 'leaked' (although, I'm not sure that's even the correct term given that it's quite delibarate) and I doubt my whole search history would reveal more than which language I was working on and what error message had me stumped. Oh, and maybe which celebrity I have the hots for too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: