In encryption push, Chrome flags HTTP sites as "not secure"

Found on ZD Net on Tuesday, 24 July 2018

Any site that doesn't load with green padlock or a "secure" message in the browser's address bar will be flagged -- and shamed -- as insecure.

That green padlock means any data sent from your computer or device to that website and vice versa is transmitted securely and can't be intercepted by an attacker.

Just overnight, several HTTP-only sites made the switch to HTTPS to escape being named and shamed by the browser.

HTTPS isn't a magic pill that suddenly makes the world a better place. In many cases, it's not really needed; but Google abuses it's share of the browser market. Website owners can protect their visitors more by not using Google or Facebook services which allow them to track you, no matter if you are on an encrypted connection or not. Not to forget that many will use Cloudflare as a HTTPS Proxy what means they give them their SSL private keys while at the same time the traffic between CF and the servers can continue to run over HTTP just fine. So much snakeoil.

Browse all articles« Previous « » Next »