Chrome now says that not all HTTP sites are secure, but is it a good thing? – CSO




Google is ready to deploy Chrome 68 around the world and, in the process, will radically change the way it communicates which sites are safe to visit and which are not.

Chrome, the world's most popular browser, has more than a billion Windows, Mac and Linux users, and today it takes a major step in Google's two-year campaign to move the world to HTTPS, or "HTTP Secure", which means that the connection between the user and the site is encrypted and the data is protected. In recent years, Google has progressively flagged HTTP pages as not secure, the most notable change being Chrome 56 in January 2017, which began to tag pages where users enter passwords or credit card data over HTTP rather than HTTPS.

In Chrome 62, released in October, HTTP pages were marked as "insecure" if the user was browsing in "incognito mode", in addition to pages containing a password field and any page where the user could enter data.

Now, with the release of Chrome 68, all HTTP pages will display the words "Not Secure" rather than the previous neutral message, regardless of whether it is a page where users type sensitive information. This is part of Google's approach of dragging websites to HTTPS, which is a way to prevent malicious people from recovering sensitive information like passwords and credit card information that Google wanted to protect. HTTPS cannot prevent hackers from hacking an online ticket vendor and stealing the credit card numbers it has stored, but hackers at least cannot get the information while it moves between the browser and the site.

The next phase begins today with the release of Chrome 68 which will mark all HTTP pages as "Unsafe".

"Chrome's "Unsafe" warning helps you understand when the connection to the site you're on is not secure and, at the same time, encourages the site owner to improve the site. Since our announcement nearly two years ago, the use of HTTPS has made incredible progress," said Emily Schechter, Chrome's security product manager.

Google claims that 76% of Chrome traffic on Android is now HTTPS and 83 of the top 100 sites use HTTPS by default.

The change is mainly for Chrome on the desktop. Due to space limitations, Google has taken a different approach on Android, opting for an "i" icon to indicate potential nastiness.

When Chrome 69 arrives in September, Google plans to remove the word "secure" for all sites, labelling only those that are not secure. Then, in October, with Chrome 70, it will display a red "insecure" warning when users enter data on HTTP pages.

Firefox has implemented its own version of contextual warnings for pages where users enter passwords or credit card data, but it is overshadowed by the number of Chrome users on all platforms.

Google has backed the Web's move to HTTPS through organizations such as Let's Encrypt, a certificate authority it sponsors that distributes free, automated SSL certificates.

Not everyone supports Google's HTTPS push. As Wired noted, Dave Winer, an RSS creator and noted agitator against Google's power on the web, complained in February that Google's efforts to "deprecate HTTP" were bad for the web because the web had to be open, not a business platform, and that Google, as a guest, should not set its rules.

The switch to marking all HTTP sites as "unsecure" illustrates this notion, because some of the sites that will be marked negatively do not even ask users for information. Users will see the warning and hit the back button needlessly.

Worse yet, Google's plan to divert people from HTTP sites will make much of the history of the Web inaccessible; Winer compared Google's HTTPS initiative to a "massive burning of books" on an unprecedented scale.

If HTTPS were as good as Google claims, site operators would adopt it on their own, but with a gatekeeper as big as Google controlling traffic to sites, site operators, including small bloggers, are forced to do something that does not clearly benefit them. Otherwise they face warnings from Google like the one Winer himself received in June.


Winer's main concern is that Google could kill a space and are now high, despite initiatives such as Let's Encrypt. Security, in this case, has a cost.

"The web is not sure, it's okay. We do not want every place to be safe, so people can be wild and experiment and try new ideas. That's why the web has been the land of choice for so many incredible things in its history.

Lots of things are not safe: cross the street, ride a bike in Manhattan, fall in love. We do it anyway. Can not be safe all the time. Life itself is not sure.

If Google manages to make the web controlled and bland, we'll just have to reinvent the web outside the sphere of Google save time and create the new website on the Web," writes Winer.
