Google Chrome 68 warns HTTP sites not secure – tip of the iceberg

HTTP

If you use the latest Google Chrome, you may start to see ‘Your connection to this site is not secure’ on older HTTP sites.

HTTP does not employ any encryption between you and the site – everything is in plain text. It is easy prey for hackers.

HTTPS does employ encryption making it safer to surf and conduct online purchases.

HTTPS is especially important over unencrypted Wi-Fi networks. Anyone on the same local network, such as a coffee-shop or other public network can ‘packet sniff’ and discover sensitive information about your visitors.

It is not about naming and shaming HTTP sites – it is about security

Google has done its best since the beginning of the year to warn users visiting HTTP websites that they are not secure. It has worked with 81% of the top 100 global sites using HTTPS. It is relatively easy to do. GadgetGuy has just completed the transition – admittedly just in time.

The remaining insecure websites are probably safe to visit but not safe for online transactions. Lack of encryption means these are more susceptible to drive-by code injection of malware.

That still leaves gazillions of sites on HTTP

Many of these are legacy sites. Often forgotten, they often serve little useful purpose.

If a site is that old and perhaps unloved, then Google’s decision to downgrade their search rankings (the equivalent of being banished to an electronic Neverland) is a good one.

Google is not intentionally banishing these sites, but it can apply its SEO (search engine optimisation) better to modern HTTPS sites. So if you have an HTTPS site with similar information, it is going to rate over an HTTP site.

Google is aware of the ‘collateral damage’ blanket enforcement of HTTPS could cause. The fact remains that recent research from analysing 1 million search results found ‘that HTTPS correlated with higher rankings on Google’s first page’.