Google has continued its offensive against insecure and unencrypted web connections. The company has been pushing web companies to encrypt their connections both by penalizing unencrypted websites in search and also marking them as insecure in the address bar if they take credit card information without encryption.
Now Google is getting ready for its next push. Chrome 68, to be launched today, will now mark all sites still using HTTP as Insecure in the address bar, which is likely to alarm regular visitors to such sites and push their admins to encrypt traffic to the site.
Google is also removing the Secure label from sites which are encrypted, cementing that as their expected default position and also making it more prominent when sites are actually unencrypted.
Currently, more than 70% of websites visited in the USA are encrypted, which means ISPs and governments cant easily snoop on the contents of your connection, but can still see which site you are visiting. This does not mean your traffic is always secret, as the website at the endpoint may still share your data, or you may have monitoring software on your PC which reports your usage, but the move to HTTPS, while frustrating to smaller websites, is a move to a safer web for all in the end.