Google Chrome Will Mark HTTP Sites as Insecure With a Big Red X


HTTP sites will be considered broken and insecure by default
Jan 28, 2016 18:45 GMT  ·  By Catalin Cimpanu

If you have hired Web.com/Network Solutions to do your web site please contact them to have it converted over to HTTPS other wise your site may not be seen..especially if it was written in/with WordPress if they refuse ask for a refund.

Permanent changes are planned for future Google Chrome releases which will add a big shiny red cross in the URL bar if the website you’re accessing is not using HTTPS.

Google said it’s planning to add this to Chrome by the end of 2015, after one of its developers proposed the idea back in December 2014.

“The goal of this proposal is to more clearly display to users that HTTP provides no data security,” said Chris Palmer in a proposal which was recently opened to the public.
A UI change with enormous consequences

His plan is based on the principle that users won’t consider something as insecure unless there’s a warning that signals this. Until now, Google was only showing errors if there was something wrong with the encryption, but not when HTTPS was lacking altogether.

By marking HTTP sites with a big red cross, Google devs are hoping to educate users about the dangers of navigating HTTP websites where they share personal details or make financial transactions.

If you’re currently accessing an HTTP page where you make credit card transactions, Google won’t display any type of error, even if sending financial information in cleartext is one of the dumbest and dangerous things you can do.

According to Google’s new plan for Chrome’s UI, users should easily notice a big red X left to the page’s URL, and avoid carrying on with their transaction.
You can see the proposed UI in action right now

The proposal put forward by Mr. Palmer has already been implemented in Chrome. If you want to see a working version, you’ll need Google Chrome 48. Some older versions might work as well since the indicators have been around for more than a year, but we haven’t tested other versions outside v48.

In Chrome, open a new tab, write and access the chrome://flags setting page.

Here you’ll need to search for the “Mark non-secure origins as non-secure” and select the “Mark non-secure origins as non-secure” option instead of “Default.”

Roy Miehe | MspPortal Partners Inc. | Ceo/President  Where Service and Technical Skills Count
Web: http://www.mspportalpartners.net
Blog: blog.mspportal.net

Tags: , , , , ,

Comments are closed.

%d bloggers like this: