Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Than 50 Percent of All Pages In Chrome Are Loaded Over HTTPS Now (onthewire.io)

Posted by msmash on from the secure-web dept.

Reader Trailrunner7 writes: After years of encouraging site owners to transition to HTTPS by default, Google officials say that the effort has begun to pay off. The company's data now shows that more than half of all pages loaded by Chrome on desktop platforms are served over HTTPS. Google has been among the louder advocates for the increased use of encryption across the web in the last few years. The company has made significant changes to its own infrastructure, encrypting the links between its data center, and also has made HTTPS the default connection option on many of its main services, including Gmail and search. And Google also has been encouraging owners of sites of all shapes and sizes to move to secure connections to protect their users from eavesdropping and data theft. That effort has begun to bear fruit in a big way. New data released by Google shows that at the end of October, 68 percent of pages loaded by the Chrome browser on Chrome OS machines were over HTTPS. That's a significant increase in just the last 10 months. At the end of 2015, just 50 percent of pages loaded by Chrome on Chrome OS were HTTPS. The numbers for the other desktop operating systems are on the rise as well, with macOS at 60 percent, Linux at 54 percent, and Windows at 53 percent.

4 of 136 comments (clear)

  1. ...and then blanked out by JavaScript by Anonymous Coward · · Score: 4, Insightful

    loaded over...and then blanked out by JavaScript looking at Adblock's actions.

    do they really think my next action would be to disable Adblock? Really? I just close the tab and move onto another page...

  2. Needless bullshit by JustAnotherOldGuy · · Score: 4, Insightful

    Yes, HTTPS is fine for anything sensitive, but does my recipe site really need to provide HTTPS pages?

    Seriously, there is no need for every site to output HTTPS pages. If you're really afraid that someone might eavesdrop and see you looking at Banana Bread recipes, you have bigger problems than an HTTPS connection can fix.

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Needless bullshit by kangsterizer · · Score: 4, Insightful

      https also ensure the pages cannot be modified. if someone knows your recipe site, they trust you and its content.
      if tomorrow they visit and it asks for a donation for example, they'll think its for you and donate. bad luck, it was the attacker.

      basically, there is more than confidentiality issues ("they can see your data"). there's also integrity issues ("they can change the data displayed")

      besides - there's plenty of ways this can go wrong for confidentiality as well. there are billions of websites. some start as a recipe site, and end up asking login, processing password, etc. some not. people make mistakes along the way. its much safer and easier to basically require https across the board - specially that its pretty much free to do so now.

    2. Re:Needless bullshit by Second_Derivative · · Score: 4, Insightful

      If a small amount of global web traffic is encrypted then the encrypted traffic will stand out and bring scrutiny.

      If everything is encrypted, no matter how mundane, then genuinely sensitive traffic becomes less conspicuous.