GOTCHA: Google caught STRIPPING SSL from BT Wi-Fi users' searches

[Jeffrey Walton <noloader () gmail com>]

http://www.theregister.co.uk/2014/11/20/gotcha_google_caught_stripping_ssl_search_from_bt_wifi_users_searches/

Google's "encryption everywhere" claim has been undermined by Mountain
View stripping secure search functions for BT WiFi subscribers
piggy-backing off wireless connections, sysadmin Alex Forbes has
found.

The move described as 'privacy seppuku' by Forbes (@al4) meant that BT
customer searches were broadcast in clear text and possibly open to
interception.

Customers were told that the network, rather than the Chocolate
Factory, "has turned off SSL search", a statement Forbes proved to be
false.

Google engineer and security bod Adam Langley in a forum comment
confirmed the SSL strip and said it would be removed 'soon'.
...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.