Google Warns Chrome Will Block Some Content After New Updates

ANKARA, TURKEY - SEPTEMBER 02: Logo of Google Chrome is seen in front of a screen in Ankara, Turkey on September 02, 2018. (Photo by Gokhan Balci/Anadolu Agency/Getty Images)

 

Just days after Google’s plans to introduce controversial DNS over HTTPS (DoH) to Chrome hit the headlines, comes news of another HTTPS change that is set to hit the hundreds of millions using the world’s most popular browser. For Google this change is critical, completing the task of pushing websites to ensure all traffic is encrypted. For website developers, it means there is a cut-off date to make changes. For users, it means some content will be blocked—even on popular sites—as changes take place.

By Zak Doffman

The latest news comes with a warning—websites that have been dragging their feet in sorting out encryption settings are going to find themselves rejected by Chrome. At issue are those sites that only encrypt parts of their sites or pages, introducing security vulnerabilities despite seeming to have taken a good approach to security.

This so-called “mixed content” occurs when the website loads over a secure (HTTPS) connection, but some of the content within its pages loads over an insecure (HTTP) connection. This confuses users who think they’ve accessed a secure site, when in truth that isn’t entirely the case. And “confusing” users into taking risks is bad news.

 
Whether through laziness or complacency, Google argues that website developers need to get their houses in order on this issue and are now forcing the point. Blocking this so-called “mixed content,” Google says, “will improve user privacy and security on the web, and present a clearer browser security [interface] to users.”

Google has arguably done more than anyone else to push the web towards default encryption. “Chrome users,” the company says, “now spend over 90% of their browsing time on HTTPS on all major platforms. We’re now turning our attention to making sure that HTTPS configurations across the web are secure and up-to-date.”

Some of this mixed content is already blocked—especially where there’s a chance it may include scripts or calls that in themselves might be insecure. But rich media content has until now received an exemption. Not for much longer.

These exemptions still “threaten users’ privacy and security…

Read on…article continues HERE on Forbes’ website

Leave a Reply