Chrome May Start Marking All Unencrypted Pages As Unsafe
Nowadays, security on the Internet is a topic of major interest. Chrome's security engineers have proposed that all the pages which don't offer encryption should be marked as insecure. The team is trying to change the way encryption (or the lack of it) is indicated in your browser in order to make things clearer for general public.
The reason behind this initiative is that the lack of HTTPS and SSL/TLS encryption makes the data exchange between users and websites highly insecure. According to Chrome's team, the user should be clearly notified when the websites he or she is visiting isn't safe. I'm not sure if you know this or not, but this is the exact opposite of what was happening until now, when you were only notified if a website was encrypted or exhibited a suspicious behavior.
Even though we don't have exact information about how this new notification system will be implemented, Google suggested that it may take a gradual approach. This means that at first, unencrypted websites will only be marked as dubious and only later transformed into non-secure. Furthermore, the plan is to remove the notifications for website encryption (that little lock icon representing the HTTPS protocol) as this should be the new "normal".
Mozilla's team expressed support for this initiative, but mentioned that the real issues will be related to timing. Why? Because, at the moment, there are too many websites which don't encrypt data that the notifications would quickly become aggravating for the users. Furthermore, Firefox engineers are backing a project called Let's Encrypt which aims to deliver free security certificates for the small websites that cannot afford encryption technology.
