Top 70+ Open Source Android Apps [Must Read] ~ Hack4friends

List of Top 70+ Open Source Android Apps                                                                                       

                                             

1. A Better Camera - Almalence
   All-purpose, full featured camera for Android
   XDA Thread - [APP][4.0+] Open Camera and A Better Camera, open source camera apps
   Source - Github
   .
2. acDeskClock - Mod of Android DeskClock - By Achep
   Source - Github
   .
3. AcDisplay - By AChep
   AcDisplay gives life to your device. Your device will let you know when a notification is received by showing you a beautiful, minimalist screen.
   XDA Thread - [APP] AcDisplay
   Source - Github
   .
4. AC Stopwatch & Timer - By AChep
   Source - Github
   .
5. ActionsContentView Example - By Steven Rudenko
   This application is an example for standalone library which implements actions/content swiping view.
   Source - Github
   .
6. Active Notify - By Akshay Chordiya
   Active Notify gives you instant access to important notifications. No need to unlock your device to check time or notifications.
   XDA Thread - Active Notify : Faster Notifications & Time
   Source - Github
   .
7. AdAway - By Dominik Schürmann [Play Store Link Dead]
   AdAway is an open source ad blocker for Android using the hosts file. ROOT REQUIRED
   XDA Thread - [APP] [UNOFFICIAL] AdAway v2.3
   Source - Github
   .
8. Adblock Plus - By Adblock Plus [Play Store Link Dead]
   Adblock Plus blocks all annoying ads on your Android device. NO ROOT REQUIRED!
   Source - Website
   .
9. Addi - By Corbin Champion
   A Computing Environment useful for solving many complex problems.
   Source - Google Code
   .
10. aeGis - By Decad3nce
    aeGis is an OSS alternative to other security apps that interact via SMS.
    XDA Thread - [APP] aeGis
    Source - Github
    .
11. aGrep - By Aquamarine Networks.
    aGrep is a open-source text search program like a "grep".
    Source - Github
    .
12. Alarm Klock - By Craig G
    A better alarm clock.
    Source - Google Code
    .
13. Amaze File Manager - By Vishal Nehra
    Material Designed File Manager
    XDA Thread - Amaze File Manager(Material theme)
    Source - Github
    .
14. AndEngine - Examples - By Nicolas Gramlich
    AndEngine is a free Open Source 2D OpenGL Game Engine for the Android platform.
    This application contains various Examples that showcase what developers can do with this engine.
    Source - Github
    .
15. Andlytics - By Andlytics Project
    Andlytics collects statistics from the Google Play Developer Console.
    XDA Thread - [OPENSOURCE APP] Andlytics (Play Store Stats App)
    Source - Github
    .
16. android-vnc-viewer - By androidVNC team + antlersoft
    See and control your computer's desktop from your phone, from anywhere.
    Source - Google Code
    .
17. Android BlackBerry Unlocker - By ebraminio
    Application for generating blackberry unlock code from android
    Source - Github
    .
18. Android Firewall - By jtschohl
    A firewall on Android is a great tool when it comes to the tiered data plans carriers have moved to and that's not even talking about the added security a firewall brings.
    Source - Github
    .
19. Android Terminal Emulator - By Jack Palevich
    Access your Android's built-in Linux command line shell. Unleash your inner geek!
    Source - Github
    .
20. Androminion - By Ankur Mehta
    Play Dominion, the award winning strategy game, on your phone or tablet against brilliant AI's!
    Source - Google Code
    .
21. Androsens classic - By Christian Schneider
    Androsens classic helps you to monitor all your device sensors! Gyroscope, light, acceleration, barometer and many more sensors can be displayed.
    Source - Google Code
    .
22. Androsens 2 - By Christian Schneider
    Good things only get better, the long awaited sequel to Androsens has arrived. Androsens 2 displays all available sensor and GPS information. See all your device sensor in action.
    Source - Google Code
    .
23. Androzic - By Andrey Novikov
    Navigation client that uses OziExplorer maps (ozf2, ozfx3). Great for hiking, geocaching, off-roading, sailing, boating and other outdoor activities.
    Source - Github
    .
24. And Bible - By Martin Denham
    Bibles, Commentaries, Theological Dictionaries, Maps, and Christian books in over 50 languages
    Source - Github
    .
25. AnkiDroid Flashcards - By Nicolas Raoul
    AnkiDroid lets you learn flashcards very efficiently by showing them just before you will forget. It is fully compatible with the spaced repetition software Anki (including synchronization)
    Source - Github
    .
26. AppAlarm Pro - By episode6
    Launch any app or shortcut as an alarm clock!
    Source - Github
    .
27. APG - By Thialfihar
    OpenPGP for Android. It's open source and its goal is to provide a similar OpenPGP implementation as GnuPG.
    Source - Github
    .
28. AppOps - By Sylvain Galand
    This is a simple access to the new hidden "App Ops" feature in Android 4.3 and 4.4 (and not all of them) ! "App Ops" is a built-in application permissions manager.
    Source - Github
    .
29. AppOps | Independent App - By ssrij
    Recompiled AppOps as an independent app from latest AOSP source.
    Source - Github
    .
30. App Tracker By Nolan Lawson
    Manage your apps the smart way! This handy 1x4 widget shows a list of 4 app icons
    Source - Github
    .
31. APRSdroid - By Georg Lukas
    APRSdroid is an APRS application for Amateur Radio (HAM) operators. It allows reporting your position as well as sending and receiving messages.
    Source - Github
    .
32. AROMA Filemanager + TERMINAL - By amarullz
    The World's First ANDROID Recovery Based Filemanager
    Source - Github
    .
33. arXiv mobile - By Nonlinear Apps
    arXiv mobile is science on your phone! Browse daily science articles (Physics, Astronomy, Math...) at arXiv.org and search the entire arXiv collection.
    Source - Google Code
    .
34. Auto Bright - By geekyouup
    Simply enables / disables the displays Automatic Brightness setting. App and home screen widget.
    Source - Google Code
    .
35. Axel (XML Editor / Viewer) - By Xavier Gouchet
    Axel is an Open Source simple XML editor and XML viewer, lightweight and ad-free.
    Source - Github
    .
36. Backgammon Mobile - ONLINE - By Alca Soc. Coop.
    Are you a backgammon master? Are you simply a newbie? tired of weak AI or cheating rolls? Backgammon Mobile is the game you have to try!
    Source - Github
    .
37. Bankdroid - By Nullbyte
    Bankdroid is an open source banking application for Swedish banks.
    Source - Github
    .
38. Banshee Remote - By Nikitas Stamatopoulos
    Control Banshee on Linux using an Android powered device.
    Source - Github
    .
39. Battery Indicator - By Darshan Computing, LLC
    Battery Indicator monitors and shows your battery charge level (percent) as an icon in your status bar, with temperature, health, voltage, and time since plugged / unplugged in the notification area.
    Source - Google Code
    .
40. Battery Widget - By geekyouup
    Graphical Battery Widget shows the exact battery level in 1x1 space, with shortcuts to Power-Summary/Display/Network/GPS/Wifi/BT
    Source - Google Code
    .
41. Beats, Advanced Rhythm Game - By Keripo
    Beats, Advanced Rhythm Game" is a music-based rhythm game for Google Android phones/devices.
    Source - Google Code
    .
42. Beebdroid (BBC Micro emulator) - By Little Fluffy Toys Ltd
    The BBC Micro Emulator for Android
    Source - Github
    .
43. BetterBatteryStats - By Sven Knispel
    With BetterBatteryStats you can analyse the behavior of your phone, find applications causing the phone to drain battery while it is supposed to be asleep and measure the effect of corrective actions
    XDA Thread - [APP][2.1+]BetterBatteryStats
    Source - Github
    .
44. Better Wifi On/Off - By Sven Knispel
    Better Wifi on/off aims at giving you the control of the Wifi state, optimizing your battery life without losing on user experience.
    XDA Thread - [APP][2.1+]Better Wifi on/off
    Source - Github
    .
45. Binaural beats therapy - beta - By Giorgio Regni
    Binaural beats stimulates your brain by sending special auditory artifacts directly into your headphones to produce subtle changes in behavior though entraiment of brainwaves frequency.
    Source - Github
    .
46. Birthday Calendar Adapter - By Dominik Schürmann
    Birthday Adapter provides birthdays, anniversaries, and other events from your contacts as a real calendar, which is displayed in your standard Android calendar application.
    Source - Github
    .
47. Blokish - By S. Coutant
    Blokus is a family game involving four players and a board with 20 x 20 squares.
    Source - Github
    .
48. Boid for Twitter (OSP) - By Team Boid
    Boid is the simple, beautiful Twitter client designed for Android 4.x (ICS and above). Boid is designed to be unique and fresh compared to other Twitter clients for Android.
    Source - Github
    .
49. Bookmark Folders - By DynamicG
    Bookmark Folders lets you organize your browser bookmarks into folders.
    Source - Google Code
    .
50. Book Catalogue - By Evan Leybourn
    An open source book cataloguing application (source on github). Books can be added manually, by ISBN, or barcode.
    Source - Github
    .
51. Book of Mormon Stories - By Gabriel Black
    Animated stories of the Book of Mormon streamed from lds.org. This app is essentially a dedicated browser that allows you and your children to easily watch and listen to the Book of Mormon Scripture provided by the lds.org.
    Source - Github
    .
52. BoxOffice - By ARLab
    BoxOfficeMatcher downloads the most popular movies and shows them into the movies list.
    XDA Thread - [APP] BoxOffice, augmented reality open source app
    Source - Github
    .
53. Brightness Profiles - By Craig G
    Easily adjust the device's brightness setting in one of the following ways
    Source - Google Code
    .
54. build.prop Editor - By Nathan Campos
    build.prop Editor was created to make your life as a Android geek a lot easier. If you have a rooted device this app will love to be able to let you easily edit the incredible build.prop file.
    Source - Github
    .
55. BusyBox - By Stephen (Stericson)
    BusyBox is a software application that provides many standard Unix tools, much like the larger (but more capable) GNU Core Utilities.
    Source - Google Code
    .
56. Calculator - By Xlythe
    The default CyanogenMod calculator! A calculator that tries to include graphing and matrix math without losing its simplicity.
    Source - Github
    .
57. Call Meter 3G - By Felix Bechstein
    Call Meter lets you keep an eye on your mobile plans.
    Source - Github
    .
58. CamTimer - By Dozing Cat Software
    CamTimer is a camera timer app designed to be as simple and efficient as possible.
    Source - Github
    .
59. CatLog - Logcat Reader! - By Nolan Lawson
    Debug your apps. Find error stacktraces. See what your phone is saying about you behind your back. It's all there in the system log, aka logcat!
    Source - Github
    .
60. Catlog (Donate) - By Nolan Lawson
    Donate version of Catlog
    Source - Github
    .
61. Chord Reader - By Nolan Lawson
    Search the web for guitar chord charts to your favorite songs. Then, Chord Reader will automatically analyze the chords and allow you to transpose, add a capo, etc.
    Source - Github
    .
62. Color Clock - By BrianCo
    Color Clock is a simple clock widget for your home screen or lock screen. Color Clock can be colored however you like it, including with transparency!
    XDA Thread - [APP][4.2+] Color Clock
    Source - Github
    .
63. Complete Linux Installer - By ZPwebsites
    Complete Linux Installer is an all in one solution to installing Linux distros on your Android device. Brought to you by the LinuxonAndroid project the app is designed to allow you to install a full Linux distro without touching your Android install.
    XDA Thread - Linux-on-Android project (Complete Linux Installer)
    Source - Sourceforge
    .
64. Congress - By Sunlight Foundation
    Keep on top of Congress.
    Source - Github
    .
65. ConnectBot - By Kenny Root and Jeffrey Sharkey
    ConnectBot is a powerful open-source Secure Shell (SSH) client. It can manage simultaneous SSH sessions, create secure tunnels, and copy/paste between other applications.
    Source - Google Code
    .
66. Core - By Andrey Moiseev
    Touch the screen, rotate your device to gain health, kill enemies and protect the core as long as possible!
    Source - Github
    .
67. Countdown Notifier Pro - By Berry Mobile
    Create countdown widgets to remind you of when special events are to take place.
    Source - Github
    .
68. Countdown Timer Widget - By Jonathan Dimond
    A simple widget representing a countdown/kitchen timer. Click to start a new timer. Click again to update or cancel timer.
    Source - Index
    .
69. CPU Spy - By Brandon Valosek
    This is a simple app to display the time the CPU spends in each frequency state. This can be a useful tool in diagnosing battery problems or tweaking your over-clock settings. It also displays the current kernel information.
    XDA Thread - [APP][2.1+] CPU Spy v0.4.0 beta
    Source - Github
    .
70. CPU Spy Plus - By Giuseppe Baglio
    This is a simple app to display the time the CPU spends in each frequency state.
    XDA Thread - [APP][2.1+][CPU Spy Plus] CpuSpy Plus by realgpp
    Source - Bitbucket
    .
71. CPU Spy Reborn - By Mirko Dimartino
    This app is based on the famous CPU spy, is open source and still in development.
    XDA Thread - [APP] [4.0.3] CPU Spy Reborn
    Source - Github
    .
72. CrossConnect Bible - By CrossConnect
    THe free Open Source Android Bible!
    Source - Google Code
    .
73. Cryptonite - By CSH
    This is a free and open-source file encryption solution based on the original EncFS code. Cryptonite is fully compatible with all EncFS features.
    Source - Google Code
    .
74. CurrentWidget - By RmDroider
    CurrentWidget displays how much electric current the device is using from the battery or receiving from thecharger.
    Source - Google Code
Source:xda-developers

Source:xda-developers

Read More

Shellshock bug could threaten millions as Compared to Heartbleed ~ Hack4friends

A programming flaw dubbed the “Bash Bug,” or more ominously “Shellshock,” is being described as potential threat to millions of computers, servers, medical devices, power plants and municipal water systems and even common objects such as refrigerators and cameras.

                                                              Image: just representation of shellshock                                    It is being compared to Heartbleed, a flaw in security software used by most of the Internet which allowed hackers to steal data such as passwords. Shellshock is similarly widespread and can be used to wreak more havoc. It allows hackers to take control of a vulnerable machine, steal data, shut down networks and cause other problems.

It was discovered Sep. 12 by Unix specialist Stéphane Chazelas and revealed on Wednesday.

According to Ars Technica, the bug is already being used to exploit Web servers. The initial fix for the bug was incomplete. Hours after news of the bug went public, security researchers detected evidence of hackers trying to exploit it.

The flaw affects a commonly used, free software system called Bash that has been around since 1989. According to the New York Times, it is built into 70 percent of machines that connect to the Internet.

Software-savvy people call it a “command shell.” It interprets instructions from users and programs so the computer knows what to do.

According to reports, it could affect your computer even if you’ve never heard of it. Bash is used in most Linux or Unix-based operating systems, including Apple’s Mac OS X, according to an alert from the Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT).

The National Institute of Standards and Technology rated Shellshock a 10 on a 10-point severity scale. Heartbleed was rated five. Both flaws were rated low in terms of complexity, which means they can be easily exploited.

Discovered last spring, Heartbleed was a flaw in security technology used by thousands of Web sites that exposed passwords and other personal data to hackers for two years before it was discovered.

Shellshock has existed for 22 years, the Times noted. It doesn’t just expose your password — hackers can exploit the flaw to hijack your computer. Heartbleed only affected servers, while Shellshock affects many Internet-connected devices.

However, Shellshock could be harder to exploit, Christopher Budd, global threat communications manager at security firm Trend Micro, told theAssociated Press. Not all machines running Bash can be exploited. It’s not enough for Bash to be installed on your system; you have to be using it for a hacker to exploit the bug.

An Apple spokesman told the Web site iMore OS X systems are safe unless the user configured advanced UNIX services, something only advanced users would know how to do. If your Mac is vulnerable, you only have to worry if you are on a public WiFi network, according to the Times.

According to cybersecurity reporter Brian Krebs, the flaw does not affect Microsoft Windows. But the Times said it can affect Android phones.

The flaw affects embedded devices and systems. That includes things like digital watches, MP3 players and traffic lights. “In some areas this will be a challenge to fix, as many embedded devices are not designed with regular updates in mind and will never be able to be patched,” Joe Hancock, a cybersecurity expert with insurer AEGIS in London said in a statement reported by Reuters.

The bug could be exploited to take control of a Web server and steal passwords, Joe Siegrist, CEO of LastPass, a service that stores and protects passwords, told the AP. Though he said the threat of that happening is lower than with Heartbleed.

Shellshock is particularly dangerous because its “wormable,” a term that refers to self-replicating attacks that spread across devices and systems like a viral pandemic.

Power plants and water systems are less threatened if they have followed the advice of security experts and remain disconnected from the internet to avoid such risks, the AP reported.

“Who is at risk” is an open question, however. “Bash is embedded and accessed in so many ways that we cannot fully understand its depth of use,”wrote Securosis analyst and CEO Rich Mogull. “We cannot possibly understand all the ways an attacker could interact with Bash to exploit this vulnerability.”

There’s reportedly not much you can do about it, except check for software updates on the Web sites of companies that make your computer, router and other Internet-connected equipment. An open-source software company called Red Hat released a partial patch for Linux. Apple iscurrently working on a fix.

Google is also working on a fix, Reuters reported.

Five years after Bash was created by a programmer named Brian J. Fox, another programmer named Chet Ramey took over the job of maintaining the software in his free time, when he wasn’t working at his day job as a senior technology architect at Case Western Reserve University in Ohio, the Times reported.

Ramey told the Times he thinks he introduced the bug in a new Bash feature in 1992. After Chazelas, the security researcher that discovered it, contacted him on Sept. 12, they collaborated with other people who work with open-source security to create a patch within a few hours. They discreetly tipped off the major software makers so they could address the problem before hackers found out and exploited the bug.

Courtsey:WashingtonPost

Read More

Microsoft pulls Patch Tuesday kernel update - MS14-045 can cause Blue Screen of Death

Microsoft has pulled one of its August 2014 Patch Tuesday updates.

MS14-045, which fixes various security holes in the Windows kernel, can cause a Blue Screen of Death (BSoD), thus forcing a reboot.

Apparently, the BSoD is caused by incorrect handling of the Windows font cache file - and because that happens during boot-up, you end up stuck in a reboot loop.

(Yes, MS14-045 requires a reboot after you've applied it.)

The euphemistically-named "bugcheck" number that you'll see if you are affected is: 0x50 PAGE_FAULT_IN_NONPAGED_AREA.
The reason this problem didn't show up in testing is because it only happens under rather specific circumstances,

You need to have one or more OpenType Font (OTF) files, installed in non-standard font directories, that are recorded in the registry with fully-qualified filenames.

A default Windows 8.1 install, for instance, includes only TTF (TrueType Font), TTC (TrueType font Collection) and FON (Windows bitmap FONt) files, recorded without pathnames:

Microsoft has published a workaround that will get you up and running again, but it involves a fair amount of fiddling.

You need to:

Boot from installation media or go into Recovery Mode.
Delete the crash-triggering file %WINDOWS%\system32\fntcache.dat.
Reboot normally, which should now succeed.
Save the registry key (see image above) that enumerates your fonts.
Remove from the registry all OTF font references with pathnames.
Delete %WINDOWS%\system32\fntcache.dat again. (It will have been rebuilt.)
Uninstall the MS14-045 update.
Restore the registry key that enumerates your fonts.
Reboot again.
The sort of font entry you need to remove from the registry, if you have any like it, is shown in an example on Microsoft's Knowledgebase page:

As well as MS14-045, three other Microsoft updates may provoke this problem, so any of the following updates should be removed, if you've installed them, in step 7 above:

• 2982791 MS14-045: security update for kernel-mode drivers
• 2970228 New currency symbol for RUB
• 2975719 Aug 2014 rollup for RT 8.1, 8.1, Server 2012 R2
• 2975331 Aug 2014 rollup for RT, 8, Windows Server 2012

Unfortunately, and understandably, Patch Tuesday aftershocks of this sortleave sysamdins wondering if they should approach future updates more cautiously.

We regularly urge you to "patch early, patch often," so let's hope Microsoft's patch for the broken patch goes smoothly, lest even those who weren't affected this time get cold feet next month.

Author - Hack4friends

Read More

Apple iOS malware breached into millions i-products and steals ad. clicks ~ Hack4friends

You don't see a lot of malware for iPhones or iPads.

One reason for that is Apple's strict control over what you're allowed to install on your own device.

So it's intriguing to see an iOS malware analysis in specialist threat research publication Virus Bulletin (VB).

The malware, which Sophos products detect as iPh/AdThief-A, was apparently created with the express purpose of conducting online ad fraud.



Who is at risk?

Fortunately, AdThief only affects jailbroken devices.

Jailbreaking is where you go out of your way to remove Apple's security controls (ironically, usually by exploiting a security vulnerability) in order to win the freedom to do what you like with your iPhone or iPad.

Interestingly, to write a proper anti-virus for iOS that could block malware preventatively, you'd need to intercept important system calls such as "visit this URL," "open that file" and "run this app".

But to do that, you'd need to jailbreak.

And by jailbreaking, you'd also open up the risk of malicious apps intercepting system calls for criminal purposes.

According to VB, that's exactly what AdThief does, waiting for you to click on someone else's ad with someone else's affiliate code, and then putting the crook's affiliate code in there instead.

Affiliate codes are those curious looking text strings you put into advertisement URLs on your own website, so that if someone clicks on them, you get a referral fee from the ad network.

If a crook can switch out your affiliate code for his own, he essentially steals revenue that should have been yours.

The money in mobile ads

With lots of mobile apps, especially games, supported by in-app ads, there's plenty of money to be made if your app becomes popular.

For example, Dong Ngyuen, author of the erstwhile smash-hit game Flappy Bird, is said to have been pulling in up to $50,000 per day before he abruptly pulled the game from both the Apple App Store and the Google Play Store.

Ngyuen's revenues, of course, were helped by the enormous reach and brand power of Apple and Google, with millions of genuine users downloading his game.

That turned it into a cult classic almost overnight, which in turn fuelled yet more downloads, and yet more ad revenue.

Is jailbreak malware even worth it?

There isn't much iOS malware around, and most of it is for jailbroken devices only.

So, is money-making crimeware for the iPhone or iPad even worth it for the crooks?



The only true virus ever seen in the wild for iOS was Ikee, which Rickrolled you rather than trying to make money illegally.

Even though the author admitted that he tried to kickstart his virus by deliberately infecting a bunch of devices, and even though it could spread automatically by infecting across the network, Ikee fizzled out very quickly.

There were very few infections reported and little harm done in the end.

But AdThief has allegedly already infected about 75,000 jailbroken devices.

Even if the malware is only able to squeeze one cent a day in ad revenue out of 10% of its victims, that nevertheless comes out at a very handy $30,000 per year.

It might not be Flappy Bird territory, but it's not an amount to be sneezed at, either.

What to do?

We'd offer you a free copy of Sophos Anti-Virus and Security for iOS if we could; sadly, Apple says, "No."

Instead, we recommend that:

-->If you are a user, avoid jailbreaking your iDevice.
-->If you are a sysadmin, avoid letting jailbroken phones onto your network.
By the way, if you have jailbroken your iDevice, please be understanding if your sysadmin then says, "No."


Courtsey-- Naked Security

Read More

Russian PM's Twitter account hacked by Hackers ~ Hack4friends

Russian Prime Minister Dmitry Medvedev's Twitter account was apparently hacked on Thursday and used to criticize the Russian government and President Vladimir Putin.

Russian PM - Dmitry Medvedev

The first tweet, published on Medvedev's official Twitter account @MedvedevRussia, said -- via translation by The Interpreter -- that he was "resigning," and added that he was "ashamed of the actions of the [Russian] government." Not long after, Medvedev's account put out a series of tweets criticizing Putin and retweets from anti-Russia protesters, including praise of Yale attorney and activist Alexei Navalny, an influential anti-Putin activist.

The tweets were scrubbed from Medvedev's Russian account, which has more than 2.5 million followers, within an hour after they appeared. No tweets have since been published acknowledging that the account was hacked. Medvedev's English language account, @MedvedevRussiaE, does not appear to have been affected.

The Russian government has not commented on the supposed hack.

As prime minister, some see Medvedev as little more than another mouthpiece for Putin. In 2012, Putin appointed Medvedev, who previously served as president of Russia, as the prime minister and the official leader of the United Russia Party. Medvedev also acts as the international face for Russia at meetings with foreign governments.

It's not clear at this point how his account was hacked. Russia has increasingly become a focus for activist hackers as the government continues to tighten its control of the Internet. So far, no activist groups have taken credit for the hack.

Source:BusinessInsider

Read More

Google preferring HTTPS over HTTP in google ranking (SEO) ~ Hack4friends

Google announced that websites using HTTPS, the secure version of HTTP, will have a better chance of ranking well in Google searches than those that don't.

In the vernacular, HTTPS is now a ranking signal for SEO (Search Engine Optimisation). It could be an inflection point for web security.

Security is a top priority ... over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We've seen positive results, so we're starting to use HTTPS as a ranking signal.

By making HTTPS something that impacts search results Google are applying the stick to an enormous security push that's been all carrots up to now.

Everywhere you look, from better SSL to the tricky business of end-to-end email security, Google are busy rolling out encryption or giving people ways to encrypt things.

Anyone who doubts the energy and seriousness that Google applies to this kind of thing or the effect that it can have need only wind the clock back five years.

In 2009, Google announced they wanted to make the web faster.

Google HTTPSIt wasn't a soundbite, a speech, a project or a campaign - it was a sea change.

Since then Google has created, amongst many other things, a fast public DNS service, a faster web protocol, tools to speed up websites, tools to make code smaller, an image format to make images download faster and a global content distribution network for commonly used code.

They even built their own web browser with a very fast javascript engine and spent millions and millions of dollars banging on about how fast it was.

Most importantly of all they made speed a ranking signal for SEO.

Making speed a ranking signal punished slowness. It's what made organisations care.

To understand why, you need to understand a little of how search engines work and how companies approach getting their websites noticed.

Google uses computer programs (referred to as spiders) to read the world's web pages and index them. The spiders try to determine the subject and quality of each page by measuring a multitude of different factors, known as signals.

The strength of the signals determines where those pages will rank when somebody types a search into the Google search engine.

Good signals means high rankings, more traffic and more revenue. Poor signals can put you out of business.

There are hundreds of signals but they aren't all equally important - some have far more impact than others. To prevent people from gaming their system Google is deliberately vague about how many signals it cares about, what they are and how much each one matters.

Thanks to a lot of research and some vague pronouncements from Google we have a pretty good idea of what some of the signals are and some idea of their weighting.

According to their blog, HTTPS will start off as a weak signal:

For now it's only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.

In reality, in my experience at least, even low strength signals get plenty of attention.

Because Google is cagey about what signals are worth, because organisations can't easily test and isolate their website's signals and because there is intense competition for good Google rankings those that care about SEO will generally act on any ranking factors that are well defined, regardless of how small their effect.

Companies like nothing better than lists with ticks next to them so if a ranking factor comes down to a simple yes or no choice it gets done.

Before Google made site speed a ranking factor I hardly ever had conversations with organisations about how fast their websites were. Now we always talk about it.

From now on they'll have something else to talk about - a simple binary choice: "Does our website use HTTPS?"

Increasingly the answer will be yes.

Source: compiled from online sources

Read More