March 29, 2018
Google Chrome to Mark Insecure HTTP Websites
Beginning this July, Google Chrome will label all HTTP sites as “not secure,” per a blog post recently authored by Chrome security product manager Emily Schechter. The change will come with Chrome’s updated version 68, which will warn users with an added notification in the address bar if a site isn’t HTTPS-encrypted.
“Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web toward a secure HTTPS web by default,” Schechter posted. “HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP.”
“HTTPS” means data is sent through a secured connection that’s encrypted by what’s called an SSL Certificate. HTTP sites don’t have that certification and are considered less secure by the data community.
Several years ago, Google began nudging less secure sites toward better adoption by placing HTTPS sites higher in search results. The move this summer, though, is Google’s toughest signal yet that the company is serious about certification standards, analysts said.
Although some websites will be affected, Google said the majority of commonly used sites are already in compliance. About 81 of the top 100 websites use HTTPS by default, according to Google, and over 68% of Chrome traffic on Android and Windows occurs over HTTPS. Nearly, 80% of Chrome traffic on Chrome OS and macOS and iOS currently travels securely.
For more information on this topic, click here.