For a long time, Google and other web-minded businesses like Mozilla have been pushing HTTPS as a way to address the shortcomings and security flaws inherent in HTTP. And if Google’s reports are any indication, it seems to be working based on data claiming that over 82 percent of Chrome pages in the US are loaded over HTTPS.
Currently, if you’re visiting a site that uses HTTPS, Chrome displays a little tag next to the site’s URL featuring a lock icon and the word “secure” in green. It’s a quick and comforting way to let you know that your data is being securely encrypted, rather than sent out into the void in plain text, which is what happens when using old-fashioned HTTP.
Here’s how Google tells you you’re on a site using HTTPS now, and how it will evolve in the future.
However, because so many sites have jumped on the HTTPS bandwagon, Goolge is planning on streamlining things and making those markers a little less obvious in future versions of Chrome. The first step starts with Chrome version 69, which is due out in September and will remove the green coloring and “secure” wording from sites using HTTPS. The security itself isn’t going to change, Chrome will just be a little more nonchalant about calling it out.
Eventually, Google is going to remove the lock icon altogether, at some point in the future where people can safely assume every website they visit is using the proper encryption. However, it’s hard to say how long that will take, as a number of notable sites are still stuck on HTTP.
Starting in October, Chrome will starting doing this when you visit a site still using HTTP.
The most important thing though is that when visiting encrypted sites using HTTP, Google will be stepping up its notifications with a new “not secure” popup that flashes red, in addition to the existing “!” that is supposed to remind you that your data might be vulnerable.
So while it still might be a little early to declare total victory for HTTPS, it seems Google is already thinking about what comes after that. [Google]