By year-end of 2015, Google is planning to mark all websites with HTTP pages as “insecure” to warn web users about data security and privacy threat, reports Chromium.org.
This move comes as part of an open-source Chromium Projects. The decision has been implemented in Chrome starting in January as a strategy to encourage webmasters to start using HTTPS by default.
A message from Google clearly stated its intention: “We all need data communication on the website to be secure (private, authenticated, untampered).” The company said that whenever there is no data security, the UA must explicitly be displayed so that web users can make better and informed decisions.
Google team also suggested browsers identify three basic security issues:
- A secured and valid HTTPS
- A dubious – which is valid HTTPS, but with mixed passive resources and a valid HTTPS with minor TLS errors
- Non-secure – identify broken HTTPS or HTTP
They are also recommending what they called “a phased approach to marking non-secure origins as non-secure.”
Chromium projects comprises of Chromium and Chromium OS. Both are open-source platforms and their aim is providing safer way for ordinary netizens while browsing the web.