Google will start to  downgrade HTTP sites on its Chrome browser from January 2017 by marking  them out as less secure in a bid to stop people visiting sites run by  crooks and scammers.
The move means that legitimate website operators without HTTPS websites need to act. Google has long hinted at such a move so it should not come as a huge surprise.
"To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure," said Emily Schechter from the Chrome Security team in a blog post.
"Beginning in January 2017 (Chrome 56), we'll mark HTTP sites that transmit passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.
The move means that legitimate website operators without HTTPS websites need to act. Google has long hinted at such a move so it should not come as a huge surprise.
"To help users browse the web safely, Chrome indicates connection security with an icon in the address bar. Historically, Chrome has not explicitly labelled HTTP connections as non-secure," said Emily Schechter from the Chrome Security team in a blog post.
"Beginning in January 2017 (Chrome 56), we'll mark HTTP sites that transmit passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure.
"A substantial portion of web traffic has transitioned to HTTPS so far, and HTTPS use is consistently increasing. We recently hit a milestone with more than half of Chrome desktop page loads now served over HTTPS.
"In addition, since the time we released our HTTPS report in February, 12 more of the top 100 websites have changed their serving default from HTTP to HTTPS."
Google is very keen on this sort of thing, and recently applied the HTTPS padlock sign to Gmail.
"Studies show that users do not perceive the lack of a 'secure' icon as a warning and become blind to warnings that occur too frequently. Our plan to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria," said Schechter.
"Chrome 56 will label HTTP pages with password or credit card form fields as not secure, given their particularly sensitive nature.
"In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as ‘not secure' in Incognito mode, where users may have higher expectations of privacy.
"Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS."
 
 

![[Music] Chrys ft. Zona – Lekpa](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2xmSLQPgB1aqkCMIExjAcrggKwmB4c4AN-F0A0dWSyV2YF43rBmC5DTX7SY6GgjHSQ6MHwyCxoLXGX7QRSa9F8gYYzzos9YMAQgcRlmb0nsgq6yrVOKdUjyAUJPOdIyU7Z0pWDx_FILDz/w72-h72-p-k-no-nu/Chrys-ft-Zona-Lekpa-mp3-image.jpg) 
 
 
 
 
 
No comments:
Post a Comment