Google Chrome Outlines Steps To Push Universal HTTPS Standard

Google announces further changes to the labelling of secure websites.

Google Chrome remains at the top of the world’s most-used browsers, so any changes the Chrome team makes will affect the vast majority of internet users.

In February of this year, Chrome announced it would be rolling out a number of steps to phase out sites still using insecure HTTP connections.

Chrome’s entire philosophy with this is to incentivise website owners to drop HTTP in favour of HTTPS.

This week, Emily Schechter, product manager at Chrome Security, announced several new steps that will boost HTTPS usage across the web and enable users to see security as the default setting on Chrome.

Google Chrome changing security indicators

Previously, users would see indicators in the Chrome browsers confirming that the site they are on is secure – the green padlock and ‘Secure’ notation in the search bar, for example. Schechter explained that since Chrome will soon be marking every HTTP page as ‘Not Secure’, the team has decided to move towards removing the positive security indicators in Chrome.

The ‘Secure’ wording and HTTP scheme will be removed as part of Chrome 69 this September and the default unmarked state will be secure. Previously, HTTP usage was too high to mark every single HTTP page with a stark, red warning, but October 2018 (Chrome 70) will see the introduction of the red ‘Not Secure’ warning when a user tries to enter information on such pages.

The rate of progress in terms of getting sites to switch to HTTPS has, generally, been swift. In February, Chrome said that more than 68pc of traffic on Android and Windows was protected, with 78pc protection rates reported for Chrome OS and Mac. 81 of the top 100 websites were using HTTPS as their default connection method in February, a figure that has certainly increased in the three months.

Google also ranks HTTPS sites higher in search results in order to stimulate the adoption of the security protocol.

Why is HTTPS better?

HTTPS, or Hyper Text Transfer Protocol Secure, is the protocol over which data is sent between your browser and the site you are connected to. You’ll see it most often during online payments or when dealing with internet banking interfaces, but it will soon become the default.

HTTP is much more vulnerable to man-in-the middle attacks or malware injections, whereas HTTPS was designed to withstand attacks such as these.

Google Chrome app download window. Image: Sharaf Maksumov/Shutterstock

RECENT NEWS

Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals

The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more

AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments

Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more

Technology Sector Fuels U.S. Economic Growth In Q2

The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more

Tech Start-Ups Advised To Guard Against Foreign Investment Risks

The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more

Global IT Outage Threatens To Cost Insurers Billions

Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more

Global IT Outage Disrupts Airlines, Financial Services, And Media Groups

On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.