Just how secure are our online travels these days? Perhaps less secure than ever. From hackers to website hacks, from email phishing to scams, when it comes to online security, Murphy’s Law rules. Whatever can go wrong, will go wrong. And go wrong it does with increasing frequency– despite humanity’s best attempts to manage the technology for good over evil.
What’s the real problem with online security?
Humanity, of course. And humanity will have to come up with solutions. Guess who is at the forefront of fixing insecure websites? Google. Uh huh. That Google. The same Google that tracks stalks users online to an extent not even matched by Facebook. The same Google that knows more about you than you probably know about yourself.
Google has decided the world wide web needs to be more secure. Hell, just having Google go out of business would make the WWW more secure. This week I fired up Google’s Chrome browser on my Mac and visited a few websites.
Here’s what I found at the popular Loop Insight website run by Jim Dalrymple.
Can you see what Chrome did to The Loop? Check the URL search bar.
www.loopinsight.com is listed as Not Secure. Starting with Chrome 68, which began shipping this week, websites that do not use the HTTPS protocol with a valid SSL certificate are displayed as Not Secure in the URL address bar.
Is Loop Insight less secure this week than last week? Probably not, but Google is simply pointing out the obvious– sites with HTTPS and an SSL certificate are more secure. The Not Secure listing does not mean a website has been hacked or your browser has been hacked. All that means is that either one or both could be hacked in some nefarious way because the connection between you, your browser and the website is not protected.
What Google is doing here is pushing the interwebs along toward a more secure future, and the Not Secure monicker in Chrome simple shames websites into recognizing the need to add a layer of security it does not have.
Do other websites have similar security issues? Well, as of today, websites for BBC, ESPN, FedEx, Fox News, and many others have not embraced more secure website technology.
Why not?
In some case it can be a royal patootie pain to get a website fully secured via an SSL certificate because embedded images may be scattered across many different servers, and each of those must also have a secure certificate.
After seeing the handwriting on Google’s wall earlier this year I bit the bullet and added an SSL certificate to ensure an end-to-end encryption between your browser and my webserver. A few years ago, along with other websites in the Villagers group, dropped advertising trackers, eliminated analytics trackers, and did away with website cookies. That makes our site about as fast and secure as you can get.
Let’s give some props and kudos to Google for pushing the WWW to a more secure future, but it wouldn’t hurt the search engine giant to stop tracking their users and non-users so much. That would bring about more security in the world.