Google Chrome is progressively modifying the alert in the search bar regarding the security of its cnecti to the website. I had a negative reacti to the early announcement.
When I heard for the first time in February Google’s plans to deprecate the green padlock and secure the alerts in the Chrome search bar and prevent ly if the site is not secure, I was initially skeptical. After all, the most active and safest state should be called as a trusted generator. We are used to that. It’s a good feeling.
For example, during office hours, the doors of a store must be unlocked. No signs are needed. In a particular situati, if the company is shut down for any reas, we would see a large “closed” sign. We are given an alert which gives us useful indicatis. It’s high state, more alert.
Additial reflecti Google Chrome
and analysis have cvinced me that Google has designed a good plan here. See: “The Chrome HTTP warning seeks to reduce web-based mitoring, to modify”. Google uses a phased approach that allows the Chrome user to exploit the web. And this gives websites the time to do what’s right or to shame. Here is the sequence, described by Google, about the appearance of the search bar / URL. (Google 68 was launched July 24)
- Chrome 67: secure: padlock and green text. Insecure: (i) Black URL ext.
- Chrome 68: secure: padlock and green text. Insecurity: (i) Black “unsecured” URL text.
The next steps will be progressive. Chrome 69, in September, will show a less spectacular black padlock. The label “Unsafe” will become red.
HTTP is a protocol with terrible security vulnerabilities. It is high time to leave. By alerting users to increasingly dramatic warnings about its misguided use, Google is helping us create a more secure website.
Google has this to say:
The “unsecure” warning of Chrome helps you understand when the cnecti to the site you are using is not secure and, at the same time, encourages the site owner to improve the security of his site. Since our announcement almost two years ago, the use of HTTPS has made incredible progress. We found in our transparency report that:
- 76% of Chrome traffic Android is now protected, compared to 42%
- 85% of Chrome traffic ChromeOS is now protected, compared to 67%
- 83 of the top 100 websites use HTTPS by default, compared to 37
Not a panacea
Going to HTTPS and leaving HTTP behind does not solve all possible security issues. However, it is a step in the right directi. We are advancing technically by degrees. Soer or later, there will be problems with HTTPS, and we will treat these issues as we go alg. In the meantime, more and more visible alerts unsafe HTTP sites seem to me to be a nice way to make healthy and productive progress.
Now the ball is in the camp of Apple. Apple always has good ideas the human-machine interface. But these two companies are enemies. Will Apple follow because it thinks Google’s thinking is well thought out? Or will Apple try to follow his own path? With potential cfusi. We will all watch Apple now.