Google Chrome "HTTP Not Secure" Warnings Start

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google Chrome "HTTP Not Secure" Warnings Start

engine

9:22 am on Jul 25, 2018 (gmt 0)

We've all been well aware of the coming of HTTP not secure warning in Chrome. Well, it's now rolling out, and i'm sure there's going to be some confusion amongst consumers, and some frustration from site owners that haven't switched, either because they don't process any data, or don't have the funds to make the change: I know of quite a few that run on a shoestring budget. Oh, btw, if you're processing a users data, such as in banking, etc., it's essential.

I still believe it's an over-the-top alert - it should just have been "secure" or nothing, imho.

[blog.google...]

Samizdata

9:20 pm on Sep 18, 2018 (gmt 0)

I left this site as http because there isn't any reason to go https

Here is a reason:

HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages.

Intruders exploit unprotected communications to trick your users into giving up sensitive information or installing malware, or to insert their own advertisements into your resources. For example, some third parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities.

Intruders exploit every unprotected resource that travels between your websites and your users. Images, cookies, scripts, HTML … they’re all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP, just to name a few.

Source: [developers.google.com...]

...

This 61 message thread spans 3 pages: 61