Google Penalizing All Websites That Are Unencrypted


Google wants everything on the web to be travelling over a secure channel. That’s why in the future your Chrome browser will flag unencrypted websites as insecure, displaying a red “x” over a padlock in the URL bar.

With this upcoming change in Chrome, Google makes it clear that the web of the future should all be encrypted, and all sites should be served over HTTPS, which is essentially a secure layer on top of the usual HTTP web protocol. Several companies and organizations have been pushing for more encrypted sites as part of a campaign to “Encrypt All The Things,” which consists of promoting more websites to abandon the traditional, less secure HTTP protocol and adopt HTTPS.

Currently, Chrome displays only an icon of a white page when the website you’re accessing is not secured with HTTPS, a green locked padlock when it is, as well as a padlock with a red “x” on it when there’s something wrong with the HTTPS page the user is trying to access. The change will draw even more attention to the sites that are potentially insecure.

[clickToTweet tweet=”Contact ImpactWorks today to get your website SSL installed and back towards the top of Google search results!” quote=”The goal of this proposal is to more clearly display to users that HTTP provides no data security.” theme=”style5″]

The internet giant quietly announced this plan back in 2014, when one of the members of the Chrome Security Team sent out a proposal to mark all HTTP websites as “non-secure.”

“The goal of this proposal is to more clearly display to users that HTTP provides no data security,” Google’s Chris Palmer wrote.

On Tuesday, during a presentation at the Usenix Enigma security conference in San Francisco, an engineer at security firm CloudFlare showed how this looks like today when the user enables a special feature in Chrome’s settings, and presumably how it might look like in the future if it’s enabled by default. (You can see the little red “x” on the padlock in the URL bar.)

Parisa Tabriz, who manages Google’s security engineering team, tweeted that Google’s intention is to “call out” HTTP for what it is: “UNSAFE.”

The rationale is that on every website served over HTTP the data exchanged between the site’s server and the user is in the clear, meaning anyone with the ability to snoop on the connection, be it a hacker at a coffee shop or a repressive government, could steal passwords, private messages, or other sensitive information.

But HTTPS doesn’t just protect user data, it also ensures that the user is really connecting to the right site and not an imposter one. This is important because setting up a fake version of a website users normally trust is a favorite tactic of hackers and malicious actors. HTTPS also ensures that a malicious third party can’t hijack the connection and insert malware or censor information.

Google’s intention is to “call out” HTTP for what it is: “UNSAFE.”

Tech and privacy experts applauded Google’s plan.

”Chrome pushing forward on marking plain HTTP as outright insecure is an incredibly strong and pro-user move,” Eric Mill, a technologist who’s been working on web encryption, told Motherboard. ”Despite how common plain HTTP can still be today, it *is* outright insecure, and a real and present danger to users and to the open web.”

Google already signaled its preference for HTTPS websites when it called for HTTPS to be “everywhere” on the web during its 2014 I/O conference, and when it announced that it would rank encrypted sites higher in search results. But the internet giant is far from the only big player on the web pushing for more HTTPS. Mozilla and Apple have both indicated that they want more web encryption. And even the US government has taken important steps in that direction, requiring all .gov websites to be HTTPS by default before the end of this year.

Google hasn’t said when it will make the HTTP flag the default on Chrome, but a Google employee who asked to remain anonymous because he wasn’t authorized to speak to the press told me that there will be an announcement “soon” and that the intention is to make it default “someday, hopefully.” (A Google spokesperson declined to comment.)

But if you want to see how it looks like, you can already turn it on by typing “chrome://flags” in your Chrome browser and then navigate to “mark non-secure as” and selecting “mark non-secure origins as non-secure.”


Comments

  1. What is Sugar Defender 24? Jeffrey Mitchell made the Sugar Defender 24. It is a product (Sugar Defender Diabetes) that helps your blood sugar health.

  2. I think you have remarked some very interesting points, regards for the post.

  3. I like this web blog so much, bookmarked.

  4. It’s in reality a great and helpful piece of info. I am satisfied that you simply shared this helpful information with us. Please keep us up to date like this. Thanks for sharing.

  5. Heya! I just wanted to ask if you ever have any problems with hackers? My last blog (wordpress) was hacked and I ended up losing months of hard work due to no data backup. Do you have any methods to prevent hackers?

  6. Have any favorite blog posts or writers? Share them with us in the comments!

  7. Every time I read one of your posts, I come away with something new and interesting to think about. Thanks for consistently putting out such great content!

  8. These are truly impressive ideas in regarding blogging. You have touched some fastidious factors here. Any way keep up wrinting.

  9. Статья содержит информацию, которая помогла мне расширить свои знания по данной теме.

  10. In fact no matter if someone doesn’t understand afterward its up to other people that they will assist, so here it occurs.

  11. Автор предлагает объективный анализ различных решений, связанных с проблемой.

  12. toto togel merupakan situs togel online dengan hadiah terbesar 10juta rupiah

  13. toto togel dapatkan hadiah paling besar yang kamu bisa raih di situs ini

  14. pelayanan terbaik untuk menyelesaikan berbagai masalah

  15. I was wondering if you ever thought of changing the page layout of your website? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having one or 2 pictures. Maybe you could space it out better?

  16. Статья представляет объективный анализ проблемы, учитывая разные точки зрения.

  17. Hey very nice web site!! Guy .. Beautiful .. Amazing .. I’ll bookmark your blog and take the feeds additionally? I’m happy to search out numerous useful information right here in the submit, we need work out extra techniques in this regard, thanks for sharing. . . . . .

  18. Это поддерживается ссылками на надежные источники, что делает статью достоверной и нейтральной.

  19. Хорошая работа по анализу проблемы и представлению различных точек зрения.

  20. Your blog post was really enjoyable to read, and I appreciate the effort you put into creating such great content. Keep up the great work!

  21. Hey! I could have sworn I’ve been to this website before but after browsing through some of the post I realized it’s new to me. Anyways, I’m definitely happy I found it and I’ll be book-marking and checking back often!

  22. Эта статья просто великолепна! Она представляет информацию в полном объеме и включает в себя практические примеры и рекомендации. Я нашел ее очень полезной и вдохновляющей. Большое спасибо автору за такую выдающуюся работу!

  23. I wanted to thank you for this very good read!! I certainly enjoyed every bit of it. I have got you book marked to check out new stuff you post…

  24. An attention-grabbing discussion is worth comment. I believe that you should write more on this subject, it won’t be a taboo topic but typically individuals are not sufficient to talk on such topics. To the next. Cheers

  25. Hey there! I’ve been reading your web site for a while now and finally got the bravery to go ahead and give you a shout out from Kingwood Tx! Just wanted to say keep up the great job!

  26. Good day! I know this is kinda off topic but I was wondering which blog platform are you using for this site? I’m getting fed up of WordPress because I’ve had problems with hackers and I’m looking at options for another platform. I would be fantastic if you could point me in the direction of a good platform.

  27. Thanks for sharing. I read many of your blog posts, cool, your blog is very good.

  28. Thanks a lot for sharing this with all of us you actually recognise what you are speaking approximately! Bookmarked. Please additionally visit my web site =). We will have a link alternate agreement between us!

Leave a Reply

Your email address will not be published. Required fields are marked *