#Google #Engineers - Google Chrome browser are working on a system that warns users when they are on their way to a non-secure website. A discussion page from the engineers moots the change, saying that it could arrive in 2015 and will act as a warning flag against sites using just HTTP. "The Chrome Security Team propose that user agents gradually change their UX to display non-secure origins as affirmatively non-secure," they wrote. "We intend to devise and begin deploying a transition plan for Chrome in 2015." "The goal of this proposal is to more clearly display to users that HTTP provides no data security."
The engineers admit that there will be challenges, but say that the alternative leaves internet users open to abuse from blackguards and, um, governments. "We know that active tampering and surveillance attacks, as well as passive surveillance attacks, are not theoretical but are in fact commonplace on the web," adds the document. "We know that people do not generally perceive the absence of a warning sign. Yet the only situation in which web browsers are guaranteed not to warn users is precisely when there is no chance of security: when the origin is transported via HTTP."
The engineers admit that there will be challenges, but say that the alternative leaves internet users open to abuse from blackguards and, um, governments. "We know that active tampering and surveillance attacks, as well as passive surveillance attacks, are not theoretical but are in fact commonplace on the web," adds the document. "We know that people do not generally perceive the absence of a warning sign. Yet the only situation in which web browsers are guaranteed not to warn users is precisely when there is no chance of security: when the origin is transported via HTTP."
Comments
Post a Comment