Google announced yesterday that the company's web browser Google Chrome will mark HTTP sites as insecure in Chrome 68 Stable.
The current stable version of Chrome displays an i-icon next to the website address if the site uses HTTP and not HTTPS. HTTPS sites are marked as "secure" in the web browser currently.
Chrome users who click on the icon receive the message "your connection to this site is not secure" and that they should not enter any sensitive data because it can be stolen by attackers.
Google Chrome marks some HTTP sites as not secure already. This is the case for web pages that have password or credit card number fields. Websites with these fields are marked as not secure by the browser since Chrome 56 released in January 2017.
Google Chrome 68 will mark any HTTP site as insecure. Google plans to release Chrome 68 Stable in July 2018.
Webmasters have until then to migrate their sites from using HTTP to HTTPS. Google gives sites that use HTTPS a small boost but that becomes less of a factor as more and more sites start to use HTTPS.
Visitors trust in sites that use HTTP may drop however because of the "not secure" attribute displayed in the browser.
Google notes that 68% of all traffic on Android and Windows, and 78% of all traffic on Chrome OS and Mac OS X is protected by HTTPS already and that the numbers increased significantly in the last year.
Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default. HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP.
Chrome users who run development builds can enable the functionality right now in the browser. Just load chrome://flags/#enable-mark-http-as in the browser, click on default and set the preference to enabled. Some development versions of Chrome show the "not secure" flag automatically.
Now You: How do you handle HTTP sites?
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.