Google has launched a beta of secure Web searching at https://www.google.com/ – to search securely, you must start from that URL. The security is provided through normal SSL/TLS connections, which Google labels as “SSL” in the graphic, probably because the older (and outdated) term SSL is more familiar to users and certainly easier to say.
This is part of Google’s effort to add encryption to more of the company’s basic services, providing protection against snoops on local networks. SSL/TLS encryption ensures that communication between a Web browser and a Web server can’t be decoded by anyone listening in on the communication stream. This addition of SSL/TLS will enable those in repressive dictatorships to search Google without worrying about government surveillance – assuming the government allows access to Google at all.
I recommend that anyone using an open Wi-Fi network or untrusted Ethernet network (such as at a hotel) rely on some form of encryption to protect communications. A virtual private network (VPN) connection is best, but second best is enabling encryption on all connections over which private data or cleartext passwords could potentially be sent, such as email, file-sharing links (like WebDAV), and FTP.
Earlier this year, Google flipped a switch so that Gmail Web sessions are conducted securely by default using SSL/TLS; see”Google’s Gmail Defaults to Encrypted Sessions” (13 January 2010).
For more details on how SSL/TLS works, read Chris Pepper’s “Securing Communications with SSL/TLS: A High-Level Overview” (25 June 2007). And for a somewhat out-of-date article about VPNs that’s still worthwhile reading for its discussion of basic concepts, see Kevin van Haaren’s “For Your Eyes Only: Virtual Private Networks,” (15 August 2005).