Hey everyone! I've been trying to get my head around how HTTPS works and what ISPs can actually see. I understand that when you use HTTPS, ISPs can tell you visited a certain domain, but they can't see the specific pages within it. However, I'm curious about how they might determine your search history, especially when using sites like Google, which is HTTPS. Isn't it true that Google logs the searches, but that doesn't necessarily mean the ISP sees those logs, right?
Also, when downloading files from HTTPS sites, ISPs know something was downloaded but not what it was. Yet, my browser keeps a list of the exact filenames. So, can ISPs access information about those downloaded files like a search term?
Finally, if I'm navigating within a website, does it really matter how I enter? Like if I start off at reddit.com or directly go to reddit.com/r/techsupport, will the ISP only see reddit.com either way?
Thanks for your help!
2 Answers
HTTPS encrypts your data during transmission, meaning only the sender and receiver can see it. When you search on Google, that's recorded on Google’s end, but the ISP only knows you went to google.com, not what you searched for. For downloads, the browser records the details, but the ISP just sees that something was downloaded, not what it specifically was. To keep your DNS requests private too, you could use DNS over HTTPS; it encrypts the domain lookup as well. If you want more privacy, consider using Tor!
Here's the deal with HTTPS: the domain name (like www.example.com) is visible in your requests, but any specific paths or queries (like /some/path?query=hello%20world) are encrypted. So, while your ISP knows the domain, they can't snoop on the details of your requests.
Thanks for clarifying! So, just to confirm, the ISP generally won't know exactly what I downloaded, just that it happened, right? And about entry points, would they see specific pages if I enter a precise URL like reddit.com/r/techsupport?