HTTP Connections will be marked as insecure by Google Chrome
HTTP might be finally die. Chrome’s security team announced that the browser will start marking websites that use plain HTTP connections for webpages that contain passwords and credit card details, as insecure to protect its users.
This update it is planned to roll out in January 2017. The warning will appear in the address bar of the browser and will display a “not secure” indicator before HTTP URLs. We are aware that transmiting such sensitive data can be intercepted by the man-in-the-middle attacker on public wireless networks or via compromised routers.
What will look like?
Emily Schechter, (member of the Chrome security team), said that “Studies show that users do not perceive the lack of a ‘secure’ icon as a warning, but also that users become blind to warnings that occur too frequently.”
According to Google’s data, now half other pages loaded by Google Chrome users are encrypted using HTTPS, and more websites are using the security protocol. Even the online advertising industry is also made a progress by providing ads over HTTPS.
In addition, Google which runs Chrome is not the only company that makes their connections more secure. Apple, said earlier this year that it would require app developers to force HTTPS connections for iOS apps by the end of 2016. Facebook’s instant articles are served over HTTPS which automatically adds security for readers. Having such pressure from the biggest tech companies will push security forward for millions of people. Such changes, intent also to pressure site owners to switching to more secure HTTPS, that will help to prevent malicious users on the network.