Google Chrome to Start Displaying Warnings on All HTTP Websites

google-chrome-http-warning-featured

While at one point nearly every website we visited started with the prefix “HTTP,” that’s not the case anymore. It’s seen as less safe, so the Google Chrome web browser is going to start warning its users when it hits a site that is still HTTP.

HTTP stands for Hypertext Transfer Protocol. It’s been used on websites since the World Wide Web was invented more than a quarter century ago. Back then they never could have imagined the potential problems that could come with visiting a website that wasn’t secure.

HTTPS (Hypertext Transfer Protocol Secure) can be much safer to use, as like the name says, it’s more secure because it’s encrypted.

Using HTTP for a website instead of HTTPS has always been problematic,” said the head of cryptography at Cloudflare, Nick Sullivan. “Every interaction you have with a website that is unencrypted is broadcasted to an unknown set of companies in arbitrary locations across the globe.”

This is a massive privacy problem. It’s also a security problem because the website content can be modified along the way without the user knowing. This invites intermediaries to insert ads, trackers, or malicious software to websites.

news-chrome-http-warning-www

With HTTP websites, nefarious individuals can

  • Insert other content such as ads that aren’t supposed to be on the websites
  • Insert software that a user can’t see that will mine cryptocurrency
  • Use DNS hijacking to redirect visitors to fake websites that will intercept their login info

Even some nations that have governments that control their Internet, such as Egypt and China, can take advantage of the weakness of HTTP.

The United States is against strong encryption techniques, with FBI Director Christopher Wray claiming strong encryption on mobile phones prevents law enforcement from having access to evidence.

But Google wants to warn you when visit a less secure HTTP site. And for that reason, with the release of Chrome 68 on July 24, the browser will begin to warn users when it connects with an unencrypted HTTP website.

Chrome will display the words “not secure” next to the URL in the address bar for websites that are not encrypted. It doesn’t necessarily mean harm will come to you if you visit the website, however. But it may be annoying enough that website owners may want to update their sites to the HTTPS standard.

news-chrome-http-warning-https

However, with Chrome 68 in September, instead of seeing the green padlock icon and the word “secure” on HTTPS connections, you’ll only see a black padlock. It seems they want us to realize that a website being secure shouldn’t be something special.

In October, Chrome 70 will be released, and the “not secure” warning in the address bar will then be displayed in a red color to be more alarming to you.

As far as other browsers, Mozilla says when they have a timeline for marking HTTP connections, they will announce it. Safari doesn’t show any alert, and the Edge browser shows an icon for HTTP connections. When it’s clicked, it offers a warning about the website not being encrypted.

The important thing to remember here is that everyone has choices. Just as website owners have a choice whether to update their site from HTTP to the encrypted HTTPS, you have a choice on whether to use Google Chrome with its new escalating warning system or use a browser that isn’t so obtrusive.

If you travel up to your address bar in whatever browser you are reading this article in, you’ll see that Make Tech Easier is secure with HTTPS.

What do you think about these warnings from Google Chrome? Do you think it will bother you to be warned every time you enter a non-secure website? Or will you be glad that they are taking the steps to warn you: Let us know what you think in our comments section below.

Image credit: Closeup on the screen with depth of field and focus on the padlock by ktsdesign/Shutterstock

2 comments

  1. “Google Chrome to Start Displaying Warnings on All HTTP Websites”
    Big, Fat, Hairy Deal!
    So now, instead of “nefarious individuals”, only Google will be able to track the users, insert software users can’t see and do other nefarious things.

  2. “However, with Chrome 68 in September, instead of seeing the green padlock icon and the word “secure” on HTTPS connections, you’ll only see a black padlock”

    This is *extremely* dangerous…and yet another reason to not use Google’s spyware browser. The whole point behind the green padlock is to indicate that the *website* itself is secure. I’ve been to several websites that connect via HTTPS but the padlock wasn’t green…indicating that while the *connection* is secure, the *website* isn’t. Having the padlock black all the time means that when using Chrome, one will never know whether or not the website is actually secure.

    “What do you think about these warnings from Google Chrome?”

    I think it’s a pain in the arse and typical of Google…they seem to think that they are the “be all, end all” of the Internet. I actually got an e-mail from Google once telling me that I had coded a link ‘wrong’ on a website and that if I didn’t change it so it was ‘right’, Google was going to “penalize” me. Since there was no actual technical problem with the way I’d coded the link, I very impolitely told Google what they could do with themselves.

    “Do you think it will bother you to be warned every time you enter a non-secure website?”

    Yes, it would. There are *thousands* of web sites that do not *need* to be secure…blogs, for instance. The only sites that *need* to be secure are those that require highly personal info that could be used for identity theft, such as bank and shopping sites, and the green padlock is the only assurance I need that everything on such sites is secure.

    If a browser were to stop showing me the green padlock on sites that are secure, or were to start harassing me about the lack of security on sites that don’t need to be secure, that would be enough to make me stop using the browser. Of course, the fact that it’s Chrome that’s going to start doing these things really isn’t a problem for me…the fact that Chrome is spyware means that it’ll never see the light of day on any of my computers anyway.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.

Sponsored Stories