[Old Forum guest] anonymous
Created: 3 years and 9 months ago
i just noticed that when i send a a search query the URL isnt encrypted!
this is a huge flaw in security and privacy that means that if someone is sniffin my network he can know what im searching! its a real issue that has to be taken care of fast.

the query i sent (both via address bar and via searchBox (both using Firefox(18.0.2) only):

if you decode the URL you get the same search query , thats bad guys.

my suggestion is to make a plugin that encrypts it with a key that only duckdudckgo.com servers can decrypt that way its one way encryption and effectively closing the https (ssl) security hole.

also, it doesnt mean that the q get have to be gone, you can change it to like e(for encrypted) or just make a prefix for all encrypted querys.

if you didnt understood anything or have any questions ot need any help at anysubject, umlal@hushmail.com

You must be logged in to comment. Please, Log in or Register.
I think you are completely misunderstanding how this works. When you use SSL, your entire request is encrypted. The only thing a sniffer could see is the source and destination addresses.
The "encoding" in that query string you pasted is standard URL encoding, which just takes care of transferring the non-latin characters.
posted by crazedpsyc 3 years and 9 months ago Link