In the recent past, web security has undergone a series of upgrade to more secure strategies advocating the use of HTTPS encryption features. In November 2017, Google announced that they will implement some changes in their Chrome web browser. True to their word, Google released Chrome 68 in July this year. The browser comes with an additional feature that marks any HTTP site as insecure, with the “not secure” notification appearing to the left of the address bar.
Most of the major changes in Chrome 68 are as highlighted below:
- A “Not Secure” label for all HTTP
- Assistive Console
- Chrome 68 version ships with new Console features with previewing and auto-completion.
- Eager Evaluation
- Faster, more reliable audits; Chrome 68 ships with Lighthouse 3.0.
- Faster, more reliable audits
- New UI, Lighthouse 3.0. new user interface.
The plan to mark all HTTP sites insecure has been ongoing. The efforts have so far led to the increase in HTTPS adoption, with 76 % of chrome traffic on android being protected, and 85% of chrome traffic on Chrome OS being protected. Additionally, 83 of the top 100 sites on the web now use HTTPS by default.
With the release of Chrome 68, a major question most people are asking themselves, what do I need to do? First of all, it is important to note that an update of Chrome 68 will mark all the sites using the HTTP protocol as insecure. Therefore, it is a prerequisite that web developers migrate from HTTP to HTTPS. The first step is to acquire an SSL certificate approved by Chrome. Implementing a signed SSL certificate on the web server will make the website to be HTTPS encrypted. That way, any site that Chrome 68 flags as not secure will be fixed and users can trust it.
Using an SSL certificate has several benefits. They maintain a website’s integrity. The certificate will secure an HTTP such that it will prevent intruders from injecting codes and unverified popups or ads into the web pages. Also, it blocks malware which may tamper with the communication between the website and the user. In addition, SSL certificates protect the security and privacy of the users. HTTPS protocols encrypt resources, and data on a website hence protecting a user’s information from intruders. Besides, SSL certificates will equip a website for internet upgrades in the future. HTTPS is currently the baseline for web traffic in future.
With the update of Chrome 68, what’s next for Chrome? One sure thing is that web browsers will definitely make Chrome their web browser of choice. Chrome 68 is the first web browser to implement measures that flag HTTP websites as not secure. Therefore, users will prioritize Chrome 68 since they will be assured that all websites they access without encountering ‘not secure’ flags use the secure HTTPS communication protocol. It is also important to note that Chrome 68 has also implemented major changes in its DevTools. Most of the changes are related to previewing expressions and functions as one types as well as increased autocomplete options.
Chrome 68 will provide a very secure way for users to access websites. With the update, a website with the HTTP connection will most likely not be visited in Chrome68 since users will be warned that it is not secure. It is hence prudent that all web developers migrate to the more secure HTTPS. In any case, HTTPS has many security benefits.