Google is on a mission to make using the internet a safer experience for even the least techie surfers. One feature at a time, it’s been trying to highlight not just when something is safe, but when it’s not. And soon, another one of those tweaks is coming to Chrome.
Google announced today that it’s changing another default in the name of making your data safer.
When it comes to ordinary web surfing, of the type we’ve collectively been doing for 25 years, the default we’re used to is not the smarter one. Good old HTTP isn’t really very secure, and can pretty easily be hijacked by anyone who feels like causing trouble.
That’s why HTTPS is slowly becoming the new default. In recent years, thousands if not millions of sites (including Consumerist) have switched to making HTTP, the more secure connection, the way the site loads for everyone.
So with the January change to Chrome, Google’s going to be pushing that “default” status a little bit more. Instead of just marking when a page is using HTTPS, as it currently does (look for the little green lock), Google’s going to mark visibly when it isn’t, like so:
The change won’t apply to every HTTP-using site on the web, but it will be visible when a page is transmitting payment or password information — those things you most want to keep to yourself. That’s because studies show that putting up too many warnings makes people tune them out, the Chrome team explains, so it’s starting small.
Eventually, however, many months down the line, Chrome will be marking all HTTP pages as insecure. The idea is that by the time Google’s ready to start throwing up that warning, it will be uncommon enough that it really grabs users’ attention.
It’s a lot like the insecure and unauthenticated icons Google started dropping into GMail early this year: treat the secure version as the “neutral” one, and draw attention when the situation is otherwise. And Chrome is now the most popular web browser, so Google’s actions have a widespread impact on users and the sites they visit.
by Kate Cox via Consumerist
No comments:
Post a Comment