Google Chrome security

The unfathomable dilemma of internet security has lately been haunting the tech firms of silicon valley. The internet giant Google has apparently acknowledged the security concerns and has stepped up to fix the issue to a certain extent. The search engine giant Google is dropping the secure indicator from all HTTPS sites on its eponymous web browser Chrome. Google is making slight, but important, changes in visual cues for HTTPS in its Chrome browser’s interface. The change is supposed to roll out in two stages starting from September this year.

Google will phase out the green lock icon and ‘Secure’ label next to URLs from sites using HTTPS on Chrome version 69. Then from October, the browser will start warning users about insecure sites, showing a prominent red “Not Secure” message in Chrome 70 version.

 

Google Chrome security
Chrome 70 treatment for HTTPS sites.

Right now, Google Chrome shows a green lock and secure label to indicate that the user is visiting a ‘secure’ page that is encrypted and protected from cyber attacks. Apparently, Google’s aim is to ensure that 100% of the internet uses HTTPS, and it has gotten pretty close. Now, as so many sites are becoming secure, Chrome will only flag the sites that are unsecured. Websites visited on Chrome which doesn’t have HTTPS certificates will trigger a prominent red warning.

HTTPS (or Hyper Text Transfer Protocol Secure) is a more secure version of HTTP and acts as a secure and encrypted communication protocol between the browser and the websites that you are connected to. It prevents eavesdroppers to furtively access your confidential information. HTTPS is often used for online transactions such as online banking and online shopping order forms where confidentiality is of utmost importance. Your data is protected from third parties, and that’s why a lot of modern websites are employing this technology, using SSL (Secure Socket Layers) or TLS (Transport Layer Security), the underlying tech behind HTTPS.

Discerning The Biggest And Overrated Challenge

The internet and social media users have become more than vulnerable recently in the wake of Facebook’s data breach scandal. The tech companies are earning billions of dollars from our activities online and they just can’t get away with users’ data without guaranteeing privacy and security, although Facebook did! Google, perhaps, wants to ascertain that safe websites should be a norm on the internet. Google’s argument is, “users should expect that the web is safe by default.”

Needless to say, encryption makes the web more secure. There are close to 1.78 billion active sites across the world till April 2018, up 12.8 billion from the previous month. Security is the chief concern with that astounding rate of increment as a countless number of sites are still under the threat of various kinds of hijacking attacks which can be exploited to carry out phishing, pharming and other cyber attacks.

The growth of HTTPS mostly brought a positive shift in the evolution of the internet. But still, only 1 in 20 HTTPS servers correctly implements HTTP Strict Transport Security. Thereby, the remaining 95% of HTTPS servers are prone to MITM (Man-in-the-middle) attacks. By May 12, 2018, 83% of the websites visited on Chrome using Windows were HTTPS pages. Google is likely to make browsing on Chrome safer than ever for the user. A red warning could potentially scare away site visitors and eventually raise the bounce-away metrics. This would adversely affect the non-secure sites as more people may stop visiting those sites.

This also would help the search engine giant to filter through the safe and unsafe sites easily. Google has been doing considerably good when it comes to security. The company has claimed that it has reached encryption levels of 93% across Google and aims to achieve 100% encryption across all its products and services.