SoylentNews is people
SoylentNews
posted by
cmn32480
on Sunday September 11 2016, @05:48PM
from the there's-gotta-be-a-downside-to-this dept.
from the there's-gotta-be-a-downside-to-this dept.
According to a post on the Google Online Security Blog, beginning in January 2017 Google Chrome will begin flagging all sites that use traditional HTTP rather than HTTPS for passwords or other sensitive information as "insecure". It also indicates that Google plans to eventually start flagging ALL traditional HTTP-only sites as "insecure". While HTTPS has always made sense for truly sensitive information, a pure HTTPS web does have implications for legacy tools - essentially if anyone is not using the absolute latest of one of the "big three" web browsers, they will always potentially be just one security update away from being locked out of the web.
This discussion has been archived.
No new comments can be posted.
Google to Start Punishing HTTP-Only Sites
|
Log In/Create an Account
| Top
| 63 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Life is to you a dashing and bold adventure.
(Score: 2) by Immerman on Sunday September 11 2016, @11:41PM
How is it punishing you to flag your website as insecure for allowing the government (and anyone else who cares to) to record exactly what I'm browsing?
Now, if they use that as reason to push you down the search results, then yeah, I've got a problem. But I didn't notice any mention of that.
(Score: 3, Insightful) by GungnirSniper on Monday September 12 2016, @01:08AM
Mostly because my homepage is about as relevant to confidentiality as a newspaper article.
Tips for better submissions to help our site grow. [soylentnews.org]
(Score: 1, Funny) by Anonymous Coward on Monday September 12 2016, @06:30AM
Your ISP’s script injection with a 0-day exploit on the other hand...
(Score: 3, Insightful) by TheRaven on Monday September 12 2016, @09:23AM
sudo mod me up
(Score: 2) by Immerman on Monday September 12 2016, @02:53PM
Agreed. There's a reason librarians have stood strong against government attempts to gain access the books people choose to read.
(Score: 2) by JNCF on Monday September 12 2016, @01:45AM
Now, if they use that as reason to push you down the search results, then yeah, I've got a problem. But I didn't notice any mention of that.
You're right that this is unrelated, but they've been using HTTPS as a factor in search rankings for a little over two years now. From The Eye of Sauron itself: [googleblog.com]
For these reasons, over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We've seen positive results, so we're starting to use HTTPS as a ranking signal. For now it's only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content — while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
(Score: 0) by Anonymous Coward on Monday September 12 2016, @07:58AM
So, that's how they keep making search worse...
Ranking irrelevant https sites above relevant howto and faq documents that only a moron would consider sensitive enough to encrypt.