[gress]

For Google, delivering ads takes priority over security best practices and customer privacy.

Edit: an unarguably true statement, fully supported by Google's own posting, begins to be downvoted.

Google could just as easily tell the ad networks to upgrade to HTTPS, but they have chosen to ask developers to reduce the security of their applications instead.

[dijit]

They are first, and foremost, the worlds largest advertising company.

This is how they make their bottom line and it will come at the detriment of anything else.

however, they value reputation too- so it's likely this will be fixed in future. But let's not throw exaggerations around. Google are not "for the people" but they're not against them either. Google are the new lawnmower[0] except they generally do things we like right now.

[0] https://youtu.be/-zRN7XLCRhc?t=2084

[JosephRedfern]

I kinda agree in this case - why couldn't a similar blog post have been written targeted at 3rd Party Advertisers, requesting that they serve all content over TLS?

I suspect I know the answer, but it quite clearly shows where their priorities lie.

[blowski]

I downvoted you and will explain why.

Very often there are trade-offs between security, usability, financial gain, and various other factors. If security and customer privacy should always win absolutely, then the easiest way to achieve that would be to disable the internet.

The reality is that Google has decided that the damage to their bottom line (and the bottom line of the publishers who benefit financially from using their ad system) is greater than the likely damage of making this change. I can't say whether or not their right, but it's silly to pretend that Google simply said "Security or profit? Profit every time!".

Saying it's "unarguably true" doesn't make it so.

[marbletiles]

He didn't say "every time" (in the version I'm looking at). He said they chose profit over security (implying in this instance) and I think that's valid.