Re: Facebook insecure by design

["steve pirk [egrep]" <steve () pirk com>]

That was a most excellent example Jay. I see what the issue is now.

This could be related to work Google did to plus shortly after launch. Buzz
and now Google+ are https only. Google cooked up a URL processer that took
clicks to external content like article links, and massaged the referrer be
readable as http to show where the visitor came from. Sanitized of any
personal data I assume.

The problem they were trying to fix was no one knew any users were coming
from Buzz clicks. They fixed that in +. I am thinking something of the same
might fix the search issues. It could also be that a Googler saw Lauren's
post and the debate has already started.

-steve
On Oct 23, 2011 4:04 PM, "Jay Ashworth" <jra () baylink com> wrote:

> ----- Original Message -----
> > From: "Jeroen Massar" <jeroen () unfix org>
>
> > On 2011-10-23 19:43 , steve pirk [egrep] wrote:
> > > Just about everything on Google pages is https these days, even
> > > search if you enable it.
> >
> > (or just use https://encrypted.google.com which is available for quite
> > some time already)
>
> Note that Lauren Weinstein has just put out a Privacy Digest posting noting
> that the referer behavior differs between https://encrypted.google.com and
> https://www.google.com in a way that implies that, again, someone at
> Google
> may not have gotten the Don't Be Evil memo...
>
>  http://lauren.vortex.com/archive/000906.html
>
> Cheers,
> -- jra
> --
> Jay R. Ashworth                  Baylink
> jra () baylink com
> Designer                     The Things I Think                       RFC
> 2100
> Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover
> DII
> St Petersburg FL USA      http://photo.imageinc.us             +1 727 647
> 1274