X
    Categories: State of the Industry

Is SSL a Blackhole? Or is it the Event Horizon?

Black holes are arguably one of the most inaccurately-named phenomena in the universe (barring government intelligence, at least). A “hole” is a region that is devoid of anything, whether it’s a hole in your shirt, your garden or your logic. Black holes, on the contrary, are so full, that their density creates a gravity so intense that even light can’t escape. That blackness is what gives them the appearance of a hole, hence the name. NASA has determined that our galaxy has a massive black hole at its center, and perhaps many millions more.

Humor me… there’s a point to all this. Really.

So, at the center of our galaxy, we have this huge, black hole, that refuses to allow any light to reach us from its gaping maw.

Maybe you’re still not seeing the parallel… for clarity, I’ll spell it out. Google is our industry’s black hole. For many of us in digital marketing, it is, unfortunately, often at the center of our working galaxy. And its density is certainly increasing, as is evidenced by the diminishing light it allows to reach us.

Enter: https

The downside

With Google’s announcement that sites boasting https could expect a rankings boost, cries of anguish were heard from SEOs around the world. A variety of complaints surfaced:

  • Cost

SSL certificates aren’t cheap. For someone with a single site, a certificate from a reputable provider can run around $100 per year – not an astronomical figure, but still enough to drive a lot of bloggers and hobbyists away. For a wildcard certificate, costs can be up around $600+ per year. That’s enough to turn away a good number of multi-site owners. I have 7 sites…that means I’ll probably have to have at least 3 wildcard certificates. I’m not fond of the idea of shelling out that kind of extra cash every year, since none of my sites receive any PII (personally identifiable information).

Granted, a few low-cost certificate providers have surfaced. But Google has already singled out some that they won’t recognize. I would expect that as demand increases, prices will probably drop, but time will tell.

  • Data

Most of us have gotten accustomed to not provided, since Google pulled that rug out from under us. Will we now lose even more data from our Analytics? Will the sites linking to us become invisible to us? Will people be forced to subscribe to tools like Majestic in order to monitor even minuscule link profiles? If so, that will chase off still more entry-level webmasters.

  • Adoption

I can envision a fair amount of resistance from webmasters who are inclined to neither shoulder the expense nor assist Google in further expanding its self-assumed authority to police the web. In fact, I can see that their attempt to force the issue could lead to serious repercussions for the company.

  • Enforcement

Google’s position that https will cause a slight rankings boost is one thing. I think it would be pretty difficult to make a case against them for only that. But displaying warnings for sites that aren’t SSL/TLS is something else – I think that crosses a line. Thought needs to be given to how such a warning would be perceived by the average user.

Given that US regulators have never really taken their sights off of Google, the last thing the company should want to do is attract undue attention. And actually losing a class-action suit could be a lot more costly, operationally, to the company than the paltry few hundred million in payout that such a loss could cost them. They’re already getting squeezed in the EU… but that’s the EU, not their home turf. “Choose your battles” is sound advice.

The upside

There’s more than just encryption involved in Google’s position, though. There are really three major considerations in SSL/TLS certificates. Each plays an important role in making online connections safer for the parties at both ends of any data transaction.

  • Authentication

Authentication is simply being able to ensure that the connection is actually with whom a party claims to be. That’s important for more than just knowing who you’re dealing with before giving out your credit card data or downloading a file.

  •  Data Integrity

When you download a file, you want to be sure that you’re getting what you bargained for. SSL/TLS is a means of ensuring that nobody is tampering with the data you’re receiving. That has obvious benefits.

  • Encryption

This is the aspect that seems to be getting the most attention with the general public. It’s basically just ensuring that only the sender and the intended recipient of data can interpret the transferred data (sort of a digital Dick Tracy Encoder Ring).

Unfortunately, by itself, encryption provides a lot less protection than many people seem to think. Yes, encryption, when properly done, can afford a fair amount of protection. But skilled, determined efforts can break most encryption protocols… some that are thought to be very secure can be breached surprisingly easily.

The fact is, without effectively addressing all three facets, a site could still be vulnerable to more sophisticated exploits. Presumably, a weakness in any of these three areas could be Google’s justification in rejecting certain certificate providers.

The real question

For many, the real question is, ‘how does Google get off?” They’re a search engine, not the beat cop, right? I can certainly understand how certain aspects of user experience play a role in their popularity. And that popularity is obviously the basis for their ability to sell ads. But their involvement with user experience should be limited to the quality of the experience the user enjoys with Google. That should logically be tied to search results that match a query. End of story.

If Google is allowed to regulate (and that is precisely what they have set themselves up to do, folks… regulate the internet) the context, architecture, meta data… even the words and images we use on our websites, how long before their next leap?

Are your prices too high? Is your customer service inadequate? Maybe the color in those jeans you sell fades with the first wash. Or maybe your product is just deemed to be too controversial for their tastes. The point is, none of that is really Google’s concern, any more than it’s their concern whether you’re Christian or Muslim, Liberal or Conservative, white or black….

If you tend to agree that Google has gotten too big for their corporate britches, have you ever asked yourself who’s responsible for allowing it to happen? If so, run in the bathroom… I’m sure there’s a mirror there that will give you a clue. Because you and I, and a ton of other people let it happen. Worse than that – we helped them do it!

The event horizon

With black holes, there’s a point of no return, where a mass has approached so close that escape is no longer possible. That point is called the event horizon, and once you pass it, you will be consumed. (Nobody knows exactly how that plays out, but the general consensus is that it wouldn’t be a pleasant experience.)

I think we are dangerously close to the event horizon of this black hole called Google. Maybe it’s too little, too late, but I have no intention of converting to https just to please Google. I think it’s about time they concern themselves with pleasing us for a change.

The following two tabs change content below.
Doc Sheldon began studying SEO in earnest in 2003 and began offering SEO services part-time a couple of years later. In 2008, he retired from his business management consulting firm and began practicing SEO full-time. He concentrates on staying abreast of new and upcoming developments in search and writes extensively on technical SEO and semantic search. He manages his SEO consultancy, Intrinsic Value SEO, and his content agency, Top Shelf Copy, from his San Diego office, with U.S satellite offices in Missouri and Pennsylvania as well as in Australia and Great Britain. He also has alliances with several other SEOs, from which they offer international marketing services. Doc's passions are combating online misinformation and the Semantic Web. Oh, and he dislikes both beets and blended Scotch - passionately. You can see more of Doc's writing and connect with him on various social media platforms via his Google+ account.
Doc Sheldon :Doc Sheldon began studying SEO in earnest in 2003 and began offering SEO services part-time a couple of years later. In 2008, he retired from his business management consulting firm and began practicing SEO full-time. He concentrates on staying abreast of new and upcoming developments in search and writes extensively on technical SEO and semantic search. He manages his SEO consultancy, Intrinsic Value SEO, and his content agency, Top Shelf Copy, from his San Diego office, with U.S satellite offices in Missouri and Pennsylvania as well as in Australia and Great Britain. He also has alliances with several other SEOs, from which they offer international marketing services. Doc's passions are combating online misinformation and the Semantic Web. Oh, and he dislikes both beets and blended Scotch - passionately. You can see more of Doc's writing and connect with him on various social media platforms via his Google+ account.