Thursday 15 October 2015

Chrome Removes The Lock Icon For HTTPS Sites 'Flaws'


Google has made changes to Chrome making HTTPS sites with 'mistakes' have no more lock icon in the browser. This is to ensure that users can more clearly see if they can trust a website, as Google has announced.

By "mistakes" the Internet giant meant especially websites served over HTTPS, but still contain content that is loaded through the unencrypted HTTP. This is referred to as "mixed content". Previously gave Chrome web sites with mixed content via a separate icon again, namely a lock with a warning triangle. To ensure that users need to recognize fewer different icons Google has now removed this icon in Chrome 46.

In addition, removing the icon should encourage the owners of the websites to fully HTTPS steps. There are still sites where the ads or images are provided via HTTP. This poses a security risk. Therefore, these websites are displayed as if they are completely unencrypted. This allows Chrome has only three instead of four different icons in the address bar.

"We have to find a balance: where the security of the website is as accurate as possible, while users are not too many possible security levels and details are overwhelmed," said Chris Palmer of the Chrome Security Team. According to Palmer found that many users found the warning triangle confusing. Ultimately, Google Chrome only display two icons, one for safety and one for unsafe.

No comments:

Post a Comment