On September 5th, the latest version of Google Chrome (69) was officially launched for Mac, Windows and Linux.
On July 24, Chrome 68 hit another security milestone when all web sites that do Not use the HTTPS protocol will be clearly marked as “Not Secure” on the address bar.
Today, Chrome 69 announced the removal of the “Secure” flag. Instead of specifically labeling HTTPS sites as “Secure,” it will label sites that use the HTTP standard as “insecure.” The goal is to let users know about insecure sites, and thus further advance whole-web encryption.
In a blog post earlier this year, Google Dad said:
Since we introduced security flags in Chrome, HTTPS usage on the web has become significant. Since it went so well, we decided to move forward and remove the sign. Because the user’s experience should be based on the fact that the network is secure by default and is only warned when something goes wrong. Since we’re about to start flagging all HTTP web pages as “insecure,” we’re phasing out Chrome’s positive security flag so that sites that aren’t tagged by default are secure. The plan is expected to start with Chrome 69 this September.
Despite all the talk about Chrome’s “secure” logo UI, there are a number of drawbacks. After all, there are a lot of phishing sites that dominate the screen using HTTPS these days. It is not reasonable for a phishing site to be marked as secure because it uses HTTPS.
Previously, it was difficult to put a red flag on all HTTP pages due to high HTTP usage. However, with Chrome 70 due for release in October, HTTP sites will display a red “unsafe” warning when users enter data.
Google has been working hard to create a safe online environment. Without exaggeration, Google deserves the most credit for the universal adoption of HTTPS. For a long time, companies like Google and Mozilla have been pushing for HTTPS to become ubiquitous in order to address the flaws and security issues in HTTP.
The figure below shows the growth trend of Chrome browser loading HTTPS websites. The top line is the United States, which has increased from less than 50% in 2015 to more than 80% at present. The bottom line is Japan, which maintained at around 25% in 2015-2016 and now has more than 60%. It is estimated from the network open data that the loading ratio of HTTPS in China is about 40%. It can be predicted that in the next one or two years, more and more domestic websites will switch to HTTPS.
In general, such new regulations achieve default security, and enhance the effect of insecurity, so that users have a big change in thinking. The reason for this is Google’s belief that “users should default to the Web being secure and Chrome should only warn when a page has a problem,” and it’s part of Google’s “HTTPS 100%” initiative to eventually make pages loaded into Chrome over HTTPS.
For more than a decade, Asia Integrity has helped more and more websites successfully deploy to HTTPS and replace certificates. In e-commerce, Internet finance, banks and government agencies, insurance and securities, medical institutions, system and software developers and other fields, by the industry continued attention and widely recognized.
In February this year, Netcraft data statistics, the Asian integrity digital certificate business with 40% market share to occupy the first in China. So far in HTTPS digital certificate field, is still in the position of the leader.
The whole site HTTPS era has arrived, Asia integrity will help websites quickly and easily from HTTP to HTTPS, the smooth implementation of Internet transmission in the field of trust and security.