

Https Google Search Redirecting to http in Iran - sepent

How can a monkey in the middle stop you from going to encrypted Google search? How can they redirect you instead to plain old http:&#x2F;&#x2F;www.google.com?<p>So I&#x27;m doing a normal Google search like I do a hundred times everyday, and suddenly I get this message from Google:<p>&quot;SSL search is off<p>This network has turned off SSL search,
so you cannot see personalized results.<p>The security features of SSL search are
not available. Content filtering may be
in place.&quot;<p>I look up at my URL bar, and yes, it says http not https. I get curious. I search Google&#x27;s support pages for some way the government can mess with my Google search (I live in Iran) and I find this: https:&#x2F;&#x2F;support.google.com&#x2F;websearch&#x2F;answer&#x2F;186669?hl=en<p>To quote the relevant part: &quot;To utilize the no SSL option for your network, configure the DNS entry for www.google.com to be a CNAME for nosslsearch.google.com.&quot;<p>I dug around a little and learned that all DNS queries are replied by a nearby spoofing server (nearby, because it responds so fast compared with what I have to endure in here!). I could do something like &quot;nslookup www.google.com 1.2.3.4&quot; (anything works instead of 1.2.3.4, whether a real DNS server or not) and get &quot;216.239.32.20&quot; which is the IP address for nosslsearch.google.com.<p>I tested this with four different servers around the country I have ssh access to. Everywhere it&#x27;s the same.<p>DNS spoofing is a known government technique used for content blocking in Iran, but I haven&#x27;t seen it be used for this purpose before. The government has long been lamenting Google&#x27;s decision to go SSL. They have been looking for some way to get to see what people are searching again, and they seem to have found it.<p>The obvious way to get around this for me would be to add an entry in my &#x2F;etc&#x2F;hosts file or visit encrypted.google.com for searching. I suggest the same thing to other people living in Iran.
======
mike-cardwell
If you use the HTTPS-Everywhere Firefox addon it will protect you from this.

