Chrome Will Mark Unencrypted HTTP Sites as “Not Secure” in July
A reminder to all developers: Google Chrome will release Chrome 68 to advocate HTTPS encryption for all websites. This release marks all HTTP websites as “not secure” in the Chrome address bar, and stable updates go live on July 24 for all internet-facing websites as well as corporate and private intranet sites accessed with the browser.
[Read: The S in HTTPS]
This step was first announced in Q1 of 2018, but only became live recently. This represents Google’s strongest push for developers to adopt website encryption for secure browsing. Over the years, the company encouraged the use of SSL certificates with icon warnings to assure the general public that the connections are safe against threats like man-in-the-middle (MiTM) attacks.
This update has since raised concerns on whether all enterprises can make the needed changes. Moreover, security insiders comment that the general public might consider this as “an umbrella” term; ordinary consumers associate the Chrome warning icons with the websites themselves instead of the connections they are in. However, enterprises in Europe will likely adapt to the changes faster because of the stricter TLS website encryption defined by the General Data Protection Regulation (GDPR).
[Read: Are you GDPR compliant?]
Security researchers have also published studies showing more internet users visited websites with valid TLS certificates, especially for transactions involving sensitive information such as banking. Others also cited that customers are willing to go to competitors’ websites and complete transactions if they see the warning icons. Google is determined to push developers in using HTTPS, and launched Lighthouse and tools to make migration easier. While Chrome is the first browser to adopt the technology as a default it is highly likely that other browser vendors such as Microsoft and Mozilla will follow suit.
Update:
The release date of Chrome 68 was changed to July 24, 2018 after the publication of this entry.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Ransomhub
- Unleashing Chaos: Real World Threats Hidden in the DevOps Minefield
- From Vulnerable to Resilient: Cutting Ransomware Risk with Proactive Attack Surface Management
- AI Assistants in the Future: Security Concerns and Risk Management
- Silent Sabotage: Weaponizing AI Models in Exposed Containers