Phew! Chrome to warn when you watch insecure smut

Google's efforts to make unsecured HTTP connections untenable will step up in October, when its Chrome browser starts to warn users that more web sites are insecure.

October will see the advent of Chrome version 62, an update that will see the browser warn users that HTTP-only pages are insecure if they ask for any data entry. That release will also mark all HTTP pages as insecure when users are in Chrome's pr0n-viewing mode Incognito Mode, in which the browser does not record users' site visits or downloads. Google feels that users of Incognito Mode already have a high expectation of privacy, so helping them out with some extra security advice will be appreciated.

Chrome started to warn users that sites offer only HTTP, rather than the encrypted HTTPS, as of version 56. The company says that since it started to do so, “there has been a 23% reduction in the fraction of navigations to HTTP pages with password or credit card forms on desktop, and we’re ready to take the next steps.”

On some future day that Google is yet to decide and/or disclose, Chrome will mark all HTTP pages as insecure. ®

Bootnote: Chrome also includes an XSS Auditor that looks for uploads of what it thinks might be credit card numbers or other sensitive data, then prevents itself from displaying such data if it thinks something sensitive is about to leak. That feature's been giving some Reg operatives grief as we worked on stories like our appreciation of the Boeing 737's 50th birthday that included lots of numbers. Embedding Tweets in a story also sets off the Auditor.