From July 24th, Google will start rolling out the latest version of its web browser – Chrome 68 – which automatically flags HTTP websites as not secure.

According to Microsoft Regional Director and HaveIBeenPwned operator Troy Hunt, a large portion of the Internet is still serving websites over HTTP, despite knowing about the changes for a long period of time.

In a statement on his blog, Hunt said he has created a list of the most popular websites which continue to use HTTP, sorted by country.

“We’ve known this has been coming for a long time now both through observing the changes in the industry and Google specifically saying this is coming,” said Hunt.

“Yet somehow, we’ve arrived at today with a sizeable chunk of the web still serving traffic insecurely.”

Hunt’s Why No HTTPS? website lists the most popular websites (according to their Alexa rankings) which have not implemented HTTPS.

According to Cloudflare, the majority of the Internet’s one million most popular websites will show up as “not secure”, as they are not served over HTTPS.

websites
HTTP and HTTPS comparison

Earlier this year, Google said in a blog post that; “for the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

Google argues that all websites should be protected with HTTPS, even if they don’t handle sensitive communications. In today’s privacy-conscious landscape, that’s hardly disputable.

While most would agree that HTTPS is a good thing, not everyone is convinced. This led Troy Hunt to theorise that those against the broad adoption of HTTPS are simply pushing back because they feel they have lost control and are being “forced” to move due to Chrome’s impending changes.

How do you get your website secured?

There are lots of Web Hosting companies that provide SSL Certificates that protect your personal data including passwords, credit cards and identity information. Getting an SSL certificate is the easiest way to increase your customer’s confidence in your online business.

What is an SSL Certificate?

An SSL Certificate is a digital certificate issued for a domain by a central authority called the Certificate Authority. To be issued an SSL Certificate, you must purchase an SSL Certificate and then go through a verification process conducted by the Certificate Authority.

Leave a Reply