A Google Chrome update scheduled for January 2017 will warn users who access a site not using HTTPS encryption. While the change doesn’t mean that non-HTTPS websites will be inaccessible, the web browser will advise users against visiting these sites.
“Beginning in January 2017, we’ll mark HTTP sites that transmit passwords or credit cards as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure. Chrome currently indicates HTTP connections with a neutral indicator. This doesn’t reflect the actual lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.” wrote Emily Schechter of the Chrome Security Team.
Google plans to make these changes to Chrome by marking HTTP sites as non-secure in the browser window (see the image above). While users will still be able to access these websites, Google hopes to make everyone reconsider visiting non-HTTPS sites.
This announcement also comes on the heels of Google adopting HTTPS as a ranking signal. With HTTPS almost being required for SEO purposes, a growing number of websites are switching to HTTPS. A recent Google Transparency Report indicated nearly 80% of sites are using HTTPS encryption.
What is HTTPS?
At this point, you might be wondering what the heck HTTPS is and how it affects the average Internet user. HTTPS is a secure (hence the “S” at the end of “HTTPS”) protocol that encrypts all communication between a user’s browser and a website. You can read more about the details behind HTTPS in this excellent HTTPS guide.
HTTPS is an effective way of protecting the user from any malicious activity and fraud (in addition to a VPN). HTTPS is especially useful when submitting credit card or other sensitive information online.
The easiest way to spot whether a site is using HTTPS is through the address of the website (http://www.example.com vs https://www.example.com). A visually appealing way of noticing a HTTPS site is the presence of a green padlock bar with the organization behind the website listed. You can see an example of this currently on this very web page (4choice Ltd is the company behind BestVPN).
Webmasters usually have been forced to pay for HTTPS encryption by purchasing an SSL certificate. The recent launch of Let’s Encrypt free SSL certificates allows everyone to enjoy the benefits of HTTPS.
Google Chrome Update 56: The Future as Google Knows (Wants) It?
Google also mentioned marking non-HTTPS websites with a “Not Secure” red warning symbol in a future Google Chrome update. Eventually, all unsecured websites will suffer banishment from Google search results.
HTTPS on more websites creates a more secure web; there’s no question about it. The only reason to be worried is Google’s continued influence over the Internet combined with the company’s glaring privacy issues.
Whether it’s regarding data collection or concerns of a monopoly, Google is full of question marks in terms of privacy. Throw in the fact that Google collects a ton of user data and there is reason to doubt Google’s true intentions.
Nonetheless, Google has made HTTPS a priority, and we here at BestVPN are happy to see these changes. What is open to interpretation is how well these changes go and whether they stay genuine to the user’s interests. Stay tuned.