Google encrypts AdSense serving

Google has taken addiitonal steps to encrypt and protect web content for viewers, by making its AdSense advertising code hyper text transfer protocol secure (HTTPS).

Mixed HTTPS and HTTP content warning in Firefox.

This permits advertisements to be served via the Secure Sockets Layer (SSL) protocol, so that pages protected by HTTPS don't have non-encrypted HTTP content mixed with encrypted material.

Announcing the new feature, Google software engineer Sandor Sas said HTTPS enabled sites require all resources on a web page, including ads, to be SSL compliant in order to protect users against Man In The Middle (MITM) attacks that could capture data before it's transmitted and encrypted.

Sas said that browsers will display warnings if an HTTPS page attempts to load HTTP resources, to differing levels of aggressiveness.

"To make sure that all resources loaded by our ad calls on your secure page are SSL compliant, AdSense will remove non-SSL compliant ads from competing in the auction, which in theory means less auction pressure..

"This feature is meant to provide a monetisation solution for publishers with existing HTTPS pages and not a reason for publishers to convert sites from HTTP to HTTPS. The HTTPS-compliant ads currently are text, image and Flash ads, but we are working on enabling more as we can make sure they are safe to use on secure pages," he said.

Earlier this month, Google said it will encrypt information sent between its data centres around the world, in response to allegations of mass spying by the United States National Security Agency (NSA).

The encryption of information flows won't prevent intelligence agencies from legally spying on users and obtaining information with court warrants, but it will make large-scale surveillance more difficult to accomplish.