Saturday, May 10, 2014

No to all HTTPS

Letter to Google

   Google, people probably always want to use port 443 (HTTPS) for logging into GMail. They also want to use it for their blog.  They even may want to use it for Google+ which I need about as much as a hole in the head.  Ditto for Facebook, Twitter, Linked-In, et al.  I don't need any of those "ant-social" web-sites.  They have turned people into anti-social idiots in the real world.
   But forcing me to use HTTPS for your search engine all the time is inappropriate.  I am generally searching for the usage of some new hosts in tracking, ad-servers and malware.  You are second on that with DuckDuckGo being the primary.  For what ever reason, you seem to be trying HTTPS first on the link which causes all sorts of problems when I click on the links.  I could care less that the NSA tracks this activity.  If they are using Windows and get infected by the ad-ware I find that is their fault.  I get the high octane malware stuff in my email box almost every day.  They can have that too because I give it to your VirusTotal service with comments I hope help people learn what is happening.
   In case you are wondering, DuckDuckGo just uses the URLs as-is  But there I can also use DuckDuckGo as either or, which ever is most appropriate.  It is just that my ISP (Comcast / Xfinity) kept snooping on my activity, supposedly to protect my Linux systems from Windows malware.  So I usually use HTTPS with DuckDuckGo to foil them.  But I am having extreme difficulties testing for whether I have a tracker / ad-server off of your links.  Invariably the links are not using HTTPS.

   So please make it so we can use HTTP for your search engine when that is appropriate.  Over 90% of the time I could care  less that the NSA knows what I am searching for.  Again a warning is in order.  When it looks like I am searching for porn I am usually looking for malware, an ad-service, or a tracker at a porn site.  Despite common wisdom to the contrary, porn sites still up the chance of Windows malware considerably.  So if I am looking for info on it may be their ad-service, a tracker or given where it came from, maybe malware.  Even if it just their ad-service or their tracker it still gets tossed into my porn bin when I add it to my hosts file.  After all, it is not a generic ad service.  There is no malware I know of at it. But there is no reason to hide the search from anybody.