News Courtesy of cnet.com:
HTTP, one of the technologies that’s made the World Wide Web work since Tim Berners-Lee invented the web more than 25 years ago, is about to get a big black mark by its name, thanks to Google’s Chrome web browser.
The Hypertext Transfer Protocol lets your web browser fetch a web page from the server that hosts it. HTTP has had a good run, but it has a problem: It doesn’t protect communications with encryption that blocks eavesdropping and tampering.
That’s why Google, Mozilla and other tech industry allies have been pushing websites everywhere to switch to the secure version called HTTPS. And it’s why, starting with the release of Chrome 68 on Tuesday, Google’s browser will warn you whenever it loads an unencrypted website with HTTP.
After hearing about Google’s intention to flag HTTP websites as insecure almost over a year ago, it seems like that time has finally arrived. Many people had expected Chrome 68 to be released at the beginning of July. Nothing happened. I thought due to the impact it would have that Google got cold feet and would delay the rollout. Now, according to CNET, this latest update will begin tomorrow.
What boggles my mind is how some major companies seem to shrug this off. If you go to the CNET article, an example of the warning shows ESPN.com label as not secure. Surely, this example has to be fictional or perhaps even an outdated image. It isn’t. Going to ESPN’s website today does show that it is using HTTP. There really is no excuse for that. They’ve had a whole year to prepare for the transition.
It’s not just ESPN. foxnews.com will also be affected. Think about that. A prominent NEWS website being marked as not secure! In my SSL blog post way back on November 2nd, 2017 I showed an example of CNN being not secure. Since then, that issue has been corrected. They were proactive in making the switch and avoiding embarrassment.
I think there will be a small uproar over this new Chrome update. Although companies will have only themselves to blame. I have no doubt there will be a mad scramble for these websites to make the transition. It is something they should have been doing this whole time. To blame Google and their browser for causing hysteria would be unjust. After all, it is their property, and the intent to make a more secure internet should not be argued.