Social Media

Chrome's Requiring HTTPS Seeks to Cut Web Tampering

February 6th, 2020 | by: Steve Pollack | Posted in : New Technology, Websites

The Hypertext Transfer Protocol lets your web browser fetch a web page from the server that hosts it. HTTP has had a good run, but it has a problem: It doesn't protect communications with encryption that blocks eavesdropping and tampering.

That's why Google, Mozilla and other tech industry allies have been pushing websites everywhere to switch to the secure version, called HTTPS for the past two years. And it's why, starting with the release of thelatest Chrome browsers, Google's browser will warn you whenever it loads an unencrypted HTTP website.

Chrome will show the words "not secure" next to the website in the address bar if it's not encrypted. It's a pretty open-ended warning, but you probably don't need to panic if you see it. It's far more likely to mean that it's time for website operators to update their sites than it is an alert somebody is trying to do something nefarious with your personal information.

 

Why haven't we been using HTTPS all along?

HTTPS is decades old, but in the early days of the web, it was only used to protect us when typing obviously sensitive data like passwords and credit card numbers into websites.

Most of the big sites you're likely to use protect your connection with HTTPS -- Google, Facebook, Yahoo, eBay, Microsoft, Amazon, Twitter, Instagram. Even if you explicitly request their nonsecured pages by typing an address beginning "http://" they'll upgrade you to a secure link anyway.

But there are others who aren't there yet. Some, like Chinese search company Baidu and e-commerce company Alibaba, will give you an HTTP page if you just type their URLs into the address bar, but will give you an encrypted page if you type "https://" before the addresses.

Others, like ESPN.com and BBC.com, give you the unencrypted website even if you specifically request the encrypted one.

Ultimately, HTTPS becoming ordinary means a harder time for attackers, snoopers and data thieves. See our article from 2017 about HTTPS and why it is important to buy your SSL Certificate HTTP vs HTTPS: Is Your Website on a Secure Connection?

At SM Sold, we love helping our clients stay up to date on the latest web technologies. Contact us today at 949.396.2906 to see how we can help!

Twitter

Facebook