Google Simplifies Web Browser Security Warnings
Google is to tone down security warnings for users of the Chrome browser. It believes the move won't increase user risk and may instead encourage websites to improve security.
The change involves the way secure websites appear in the address bar in Chrome. At the moment, a website in Chrome will appear with one of four icons to the left of the address to indicate whether or not it is secure:
- A plain white 'blank page' icon indicates an ordinary http site, meaning there's no encryption of data passing back and forth between the website and the user's computer.
- A green padlock icon indicates that the website is secured (https) and encrypts the data.
It also indicates that the security certificates check out, meaning claims about who operates the site are true. That cuts out
the possibility of an attack, where a third party / malicious website poses as a
true website operator to try to trick users into typing personal information into a bogus login screen.
- A gray padlock with a red 'x' indicates a website where the encryption is broken, suggesting the security may be compromised. The Google search engine often blocks users from visiting such sites unless they explicitly acknowledge the risks first.
- A gray padlock with a yellow warning triangle indicates the website is partly secure, with minor errors in the security.
Mixed Content Warning Ditched
It's the "minor errors" in security in which Google is adjusting its security warnings for the Chrome browser. The minor errors are usually due to mixed content, meaning that part of a web page is secure, whereas other parts are not. A common reason is because the main content of the page is secured, but some additional content such as third-party images or advertisements are not linked to on a secured channel. (Source: zdnet.com)
According to Google, having four different icons risks confusion for users. It's now decided that for pages with mixed content, it will now only show the plain white 'blank page' icon which indicates the page is the same as saying that it's not (fully) encrypted. This is a safety-first approach, with the idea being that unless a user can trust all the content on a site as being 100% secure, they shouldn't rely on any of the encryption even if 99% of it is secure.
Yellow Triangle Deterred Website Security Upgrades
The second reason for the change is that in many cases when a website operator decided to switch from an unsecured website to a secured one, the mixed content icon was regularly triggered during the transition period. Ironically, that also created the impression among users that the site was a specific risk.
Google also believes that some web owners may have been deterred from upgrading their site to secure http (https) due to the mixed content warning. Now, web masters can work toward upgrading to https and temporarily work with the mixed content until their site is fully compliant (depicted by the green padlock). (Source: blogspot.co.uk)
What's Your Opinion?
Do you understand and take any notice of the four icons in Chrome? Did you realize that a site with a yellow warning triangle is actually slightly more secure than one with the standard blank page icon? Is Google right to ditch the mixed content warning and instead err on the side of caution?
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
never noticed
Heck, I never noticed the icons. I just assume all web sights are unsafe!
Google Simplifies Web Browser Security Warnings
Each of the 4 steps needs a full discription on each page they are refering to.