Sign in / up

back to article Phew! Chrome to warn when you watch insecure smut

Google's efforts to make unsecured HTTP connections untenable will step up in October, when its Chrome browser starts to warn users that more web sites are insecure. October will see the advent of Chrome version 62, an update that will see the browser warn users that HTTP-only pages are insecure if they ask for any data entry …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Certificate Checking?

    So when the certificate for a site is checked by a browser, isn't there an opportunity for the certificate authority which one checks it against to log which IP addresses are browsing which websites? Doesn't the certificate inevitably includes the website address?

    I'm, er, asking on behalf of a friend...

    0 1 Reply
    1. A Non e-mouse Silver badge
      Reply Icon

      Re: Certificate Checking?

      No, 'cause all the CA certs are embedded in the browser. If they weren't, you'd have the bootstrap problem: How to verify you connection to the CA to verify the connection to the porn banking site you're visiting.

      Certificate revocation checking, however....

      3 0 Reply
  2. StillGridlocked

    That's been available as a flag option in Chrome stable for awhile now.

    0 0 Reply
  3. mark l 2 Silver badge

    We all know that incognito mode is used for viewing pron and unless you are entering credit card details i don't see it needing HTTPS and lots of free pron website don't have HTTPS enabled.

    Will there be a way for us who like to make our own decisions to turn off Googles warning?

    3 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Will there be a way for us who like to make our own decisions to turn off Googles warning?

      No....Google knows best.

      Just like you can't view "insecure" websites...even if they are on you own f**king internal kit.

      9 0 Reply
    2. the Jim bloke
      Reply Icon

      the article is saying its a warning

      A warning is information, you can proceed as you wish.

      blocking access to websites is a different matter entirely, I can see that google would like to do that - for the users good, of course - but I dont think the world is quite ready to accept that. Maybe by Chrome 65...

      1 0 Reply
      1. VinceH
        Reply Icon

        Re: the article is saying its a warning

        "A warning is information, you can proceed as you wish."

        A warning is also - if issued too often - something users will develop a blind spot for, and then not notice it when they need to.

        4 0 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: the article is saying its a warning

          A warning is also - if issued too often - something users will develop a blind spot for, and then not notice it when they need to.

          Remember Windows Vista UAC?

          5 0 Reply
          1. Alumoi Silver badge
            Reply Icon

            Re: the article is saying its a warning

            Remember Windows Vista UAC?

            Remember what? Oh, that thing you disabled the firt time you installed the OS.

            1 0 Reply
        2. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: the article is saying its a warning

          Pshaw, there you go, trying to claim that watching pron makes you go blind.

          Now where's my white cane and my German Shepard?

          1 0 Reply
    3. sabroni Silver badge
      Reply Icon

      re: We all know that incognito mode is used for viewing pron

      It is, but there are other uses. I'm logged in to youtube in an incognito tab so my google id doesn't follow me around all my other tabs.

      (It's spelt porn, there's no need to by coy.)

      3 2 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        I use private windows in Firefox for 'data collecting' websites

        i.e. on the rare occasions I need to login to Facebook via the web, or I need to login to Google, I'm always doing that in "incognito mode" so their cookies don't follow me around. I also do it when I buy something from Amazon, since they're probably just as bad.

        There's probably no point in using incognito mode for this sort of thing if you use Chrome, because Google is still collecting your data either way. Which is why I don't use Chrome!

        3 0 Reply
    4. Anonymous Coward
      Reply Icon
      Anonymous Coward

      We all know that incognito mode is used for viewing pron and unless you are entering credit card details i don't see it needing HTTPS and lots of free pron website don't have HTTPS enabled.

      No, I have many times used incognito mode when borrowing someone else's machine and I don't want to mess up what they were running, or fill up their browser history with my stuff.

      It's on my *OWN* machine I use it for browsing pr0n...

      1 0 Reply
  4. tiggity Silver badge

    How about a warning

    For pages serving ads as they are known to be a major conduit for malware / attack vectors?

    ...Thought not.

    8 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: How about a warning

      For pages serving ads as they are known to be a major conduit for malware / attack vectors?

      Not as long as they generate a profit. It is a US company and you are getting something for "free", remember?

      0 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    That feature's been giving some Reg operatives grief as we worked on stories like our appreciation of the Boeing 737's 50th birthday that included lots of numbers. Embedding Tweets in a story also sets off the Auditor.

    Well, don't use Chrome then. Any other problems I can solve for you? :)

    4 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      re: Well, don't use Chrome then.

      Fine, until you get to a site with lazy devs who only test on Chrome. They're becoming more common. If you don't want Chrome to become the new IE6 I suggest using a different browser, or at least faking your user agent so it looks like you do....

      2 0 Reply
      1. Ken Hagan Gold badge
        Reply Icon

        Re: Faking user agent (Was: Well, don't use Chrome then)

        Well actually, in a perfect world, testing only on Chrome would be fine. Chrome would correctly support all HTML5 constructs and your page would contain only HTML5 constructs. Job done.

        The trouble is at least as much caused by idiot web page authors as it is with browser programmers. As one example, I have recently removed the "armv7l" string from my UA string because I have realised that quite a few websites (big ones, like Amazon and my bank, both of whom can surely afford better) use this to indicate "small screen size" and punt me over to their mobile site. In Amazon's case, this is a recent change (so the twat who wrote it was probably at primary school when CSS media queries were invented) and there wasn't even a back-link to the desktop site.

        How idiotic do you have to be to think that the CPU is a better guide to layout than the screen size?

        2 0 Reply
  6. Neil 44

    Letsencrypt availability

    One of the best ways to encourage the use of HTTPS would be for hosting companies to permit the use of cost-effective (i.e. free - like Letsencrypt!) certificates rather than (like 123-reg do) insisting customers purchase certificates from them at a premium prices.

    At least some virtual hosting environments (like BlueOnyx) are encouraging the use of free but full featured certificates and manage them automatically

    2 0 Reply
  7. Defiant

    Abusing position

    People is it also tells people forums etc aren't secure even though no credit card etc data is on them, it's just scaring people

    1 3 Reply
  8. druck Silver badge
    Unhappy

    Nagware

    I don't want the browser nagging me when I check the temperatures at home on my Raspberry Pi's web server. I'm not going to set it up for https, its only accessible locally or via a VPN.

    3 0 Reply
    1. Alumoi Silver badge
      Reply Icon

      Re: Nagware

      So, literate enough to set up your own Pi but still using Chrome? Something's wrong here.

      0 1 Reply
  9. Anonymous Coward
    Anonymous Coward

    "Embedding Tweets in a story also sets off the Auditor."

    Ah, finally something good comes out of it! :-)

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like