Google Chrome to start marking HTTP connections as insecure

In order to encourage more website owners to allow their encryption into their online properties and to offer more powerful protection to the websites, Google takes actions to label HTTP connections as insecure in Chrome browser.

The plan will take effect in January with the publication of Chrome 56. A “not secure” indicator of Chrome 56 displays on the browser’s address bar before HTTP URLs, but only for the web pages that have passwords or credit card form field.

It is high-risk to transmit such private information over HTTP for the data can be easily intercepted and overtly gathered by cyber attackers who have been properly trained to use computer through public wireless networks or via infested routers, for example.

It is reported that the HTTP warning notification will be further expanded in the later Chrome releases. First, HTTP pages will be marked as “not secure” when getting access to browser’s privacy-oriented Incognito mode. Finally, Chrome will allow the warning notification to display for HTTP pages and switch the security indicator to the red triangle now applied for damaged HTTPS connections.

“Studies show that users do not perceive the lack of a ‘secure’ icon as a warning, but also that users become blind to warnings that occur too frequently,” said Emily Schechter, a member of the Chrome Security Team, in a blog post Thursday.

According to Google’s released information, there are half of the pages opened up by Google Chrome users have been encrypted by HTTPS, and the adoption of this important security protocol will become more popular among websites.

Google also applies HTTPS as a page ranking signal in its search engine in order to expand the encryption on the web.

There exists reason for some websites not to embed the encryption. Because of the improvements in browsers, the web pages with HTTPS now have the ability to launch considerably faster over HTTPSs’, and thanks to the technology like CloudFlare or the Let’s Encrypt certificate authority, gaining a Transport Layer Security certificate is now free.


No comments yet.

Leave a Reply