What is the difference between http and https when accessing Google Reader?

Asked by tonedef (3935

) January 15th, 2009

Sorry, I’m not an IT expert, but I am concerned with data interception, since I use a neighbor’s wireless network. If you access Google Reader through https://www.google.com/reader, as opposed to http://www.google.com/reader, what information is encrypted? Is it just my login information, or is all data sent and received between Google and I encrypted?

Any insight into this would be extremely appreciated. Thank you!

Observing members: 0

Composing members: 0

5 Answers

https is encrypted both ways. Portions of a page can be encrypted and not others, but your browser should (or at least can be set up to) warn you if that’s the case.

Grisson (4634

)“Great Answer” (3

) Flag as…

Cool. So, if I didn’t receive any alerts, and Firefox claims that “Your connection to this site is encrypted to prevent eavesdropping,” it’s not like certain frames are encrypted and others aren’t?

tonedef (3935

)“Great Answer” (0

) Flag as…

That is correct. (Assuming you haven’t turned of the warnings).

Grisson (4634

)“Great Answer” (0

) Flag as…

I imagine what they say about using https with Gmail is likely to apply to all of the Google cloud services (like Reader, Notebook, Docs, etc.).

I can’t find it written down, but I think Google would always use an https connection when handling initial authentication. (So, even if you access the logon page via http, it would actually send the credentials securely via https, and then the rest of your session would continue in plain old http.)

robmandu (21331

)“Great Answer” (1

) Flag as…

Cool, thank you! Maybe I should use WireShark at home and play around with it. Again, thanks, everyone.

tonedef (3935

)“Great Answer” (0

) Flag as…