Google: Final Warning on HTTPS for Websites

Discussion in 'Domains and SSL Certificates' started by djbaxter, May 18, 2018.

  1. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    Google Chrome Issues Final Warning on HTTPS
    Search Engine Journal
    May 18, 2018

    Read more…
     
    • Informative! Informative! x 3
    • Appreciation Appreciation x 1
    • List
  2. baona119

    baona119 Participant

    93
    63
    +33
    Microsoft once attempted to control the web, they failed with IE6. Google seem doing better job with Chrome. What a bullsh** to remove green mark "because it should be default"
     
    • Disagree Disagree x 1
    • Agree Agree x 1
    • List
  3. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    What exactly is your beef? Green mark or not, what this means is that if you have ignored warnings about HTTPS until now, you'd better stop ignoring them and convert.

    This is not just about Google, although it can and does affect rankings now. You will have the same issue in other browsers about sites not being secure, especially anywhere a member or potential member is entering a password.
     
  4. baona119

    baona119 Participant

    93
    63
    +33
    I've been using SSL for ages so this is not my case.

    SSL is a good practice for site owners, but this shows how Google attempt to control the web because they own Chrome. I wonder what will be next event after this.
     
    • Disagree Disagree x 1
    • Agree Agree x 1
    • List
  5. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    So what is your issue with "removing the green mark" then?
     
  6. we_are_borg

    we_are_borg Moderator

    4,524
    807
    +1,750
    Because people will get confused by it. Red was always the warning when a site used HTTPS but was not valid, now it becomes standard for everything that is non HTTPS.
     
  7. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    It won't confuse me. I never even notice the green locks anymore until it's not there, relaxed by either a red flag or that icon with a red slash through it.

    That is exactly Google's point. We don't need a bunch of green flags anymore. We only need to highlight when there's a problem with a website.

    Think of all the warning lights on a car dashboard. We don't have a hundred little green lights. We just have red warning lights when a problem occurs.
     
  8. Pete

    Pete Flavours of Forums Forever

    1,773
    227
    +601
    It's not about 'removing the green mark', incidentally. Stuff sent over HTTP is trivially snoopable - and trivially interruptible.

    Meaning that it's not difficult to eavesdrop on sites that have logins (like, say, forums) and grab passwords, especially in the modern age where a lot of access is done over wireless connections that can be snooped on absolutely trivially. As for interruptible, doing MITM attacks and changing content midflight is not a new idea and much harder to do on HTTPS (though, I'll note, far from impossible)

    I think this is a good move, actually.
     
  9. we_are_borg

    we_are_borg Moderator

    4,524
    807
    +1,750
    Well for people here i have high hope that they understand what they see. But people that are non technical and only do normal plain stuff this will get them confused. Especially when Chrome does A, Edge does B and Firefox does B also.
     
  10. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    It's just transitional. Within another month or two, Firefox and Edge will follow suit.
     
  11. fixer

    fixer I'm In My Prime

    1,043
    207
    +572
    I guess this makes google the internet police, im ok with it ... google gets me

    not a fan of chrome or andriod tho
     
  12. Paul M

    Paul M Dr Pepper Addict

    3,724
    1,127
    +2,047
    Good for you, but not everyone is techie.

    It will confuse a lot of people, esp since its been pushed by many sources as the way to tell if the site is secure.
    Its a pointless thing to do - having a green (or red) lock there doesnt cause anyone any issues, so why remove it ?
     
    Last edited: May 19, 2018
  13. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    As I said above, one reason is "flag blindness" (cf. ad blindness and lights on a car dashboard). If flags only appear when there's a potential problem, you are more likely to notice them.

    As I also said above, I don't even "see" the green padlocks on my own sites or those I visit regularly any more. I only notice the non-secure flags.
     
  14. baona119

    baona119 Participant

    93
    63
    +33
    You have just proved my point that Google somehow succesfully controlled the web.
    I'm not against this decision for SSL of course, just don't like it if they removed green mark, when there is no better protocol.
     
  15. eva2000

    eva2000 Habitué

    1,669
    857
    +719
    Well as with most new things, confusion on a individual level is only temporary. Clarity that eventually comes after, is more permanent :D

    Nice read for folks https://www.troyhunt.com/the-decrea...dicators-and-the-importance-of-negative-ones/

    and

     
  16. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    Excellent. Thank you for those two resources, eva2000eva2000. :)
     
  17. Paul M

    Paul M Dr Pepper Addict

    3,724
    1,127
    +2,047
    As far as I can see its a bit like saying we dont need green traffic lights anymore, if its red, stop, otherwise go.

    That would cause a lot of confusion as well.
     
  18. djbaxter

    djbaxter Tazmanian Veteran

    10,481
    917
    +451
    :rolleyes: okay... if you say so, Paul...
     
  19. Tracy Perry

    Tracy Perry Opinionated asshat

    5,135
    492
    +3,536
    And that's why they are called stop signs... there's no need to a green sign at the intersections that you have right of way. ;)

    I am of the camp that it's better to make something that stands out from what the "norm" should be and ONLY warn. The green lock was - for a long time - outside the "norm" and was used to assure the users of a secure site. Now all they plan to do is just the opposite. If the site is secure, don't have anything special but WARN if it is not under SSL.
    Where this is going to hurt is those that are to damn lazy to take the time to use SSL on their sites. I fully expect to see those admins screaming bloody murder once something like this goes into effect.
     
  20. eva2000

    eva2000 Habitué

    1,669
    857
    +719
    It's going to hurt EV SSL certificate commercial providers' bottom line as for so long they have marketed that EV green indicator was a what you'd want to see, now Chrome and other web browsers are going to take that away.
     
Verification:
Draft saved Draft deleted
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.