Chrome cracks down on sites that don’t use encryption
Chrome is embarking on a crusade to crack down on websites that still aren’t using encryption, and it starts with the latest version of the browser, Chrome 56.
Chrome 56 is launching in January, and will implement a new warning that you’ll see on any login sites that are still unencrypted. The pages will be marked as “not secure” in a small window by the address bar, which should help usher browsers away from any site that’s still not utilizing HTTPS. In the future, these pages will also be denoted with a special red triangle symbol as well.
This is in contrast to the way Chrome already warns users, as it uses a “neutral indicator,” as explained by Emily Schechter, Chrome Security Team.
HTTPS, as Schechter explains, is important because loading sites via regular HTTP opens you up to potential attacks: “When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.” Attacks utilizing these windows of opportunity do happen, and quite a bit more often than you’d think.
Chrome is continuing a series of ongoing efforts to improve the browser’s security, but these are a couple of the most recent and important steps in keeping users and their information safe.
(24)