With Chrome, Google is on a mission. A mission of making the Internet a safer place. Their ultimate goal is to show a warning that HTTP sites (instead of HTTPS) are not safe, but this is a long-term plan and there are many steps to end.
Since the beginning of next year in Chrome 56, the plan moves to the next step. From January 2017, HTTP sites that transmit passwords or credit card is still reported as dangerous.
Google is ready to inform users that data sent over an HTTP connection is vulnerable to being intercepted and read by a third party. As time passes, the more obvious and serious-looking warnings are displayed on HTTP sites, but Google does not put a time on it at this time.
Speaking of public perceptions of online security, the company said:
Chrome now shows HTTP connections with a neutral indicator. This does not reflect the real lack of security for HTTP connections. When a Web page is loaded via HTTP, another person on the network can view or edit the site before it gets to you.
A significant portion of Internet traffic has transitioned to HTTPS so far, and the use of HTTPS is constantly increasing. Recently, we have taken a step more than half the page loads desktop Chrome now served via HTTPS. In addition, from the time we published our report in February HTTPS, 12 other top 100 websites they have changed the default HTTP service to HTTPS.
Studies show that users do not see the lack of an icon "security" as a warning, but also that users become blind to the warnings that occur too often. Our plan to label HTTP clarity and precision sites do not know will take place in progressive stages, based on criteria more stringent. From January 2017, Chrome 56 pages marked HTTP password fields form or credit card as "dangerous", given his particular sensitivity.
No comments:
Post a Comment