Cyber security / SSL certificates
Chrome warns of http websites
Website operators who still maintain an http site may be surprised these days that suddenly far fewer visitors are finding their way to them. One reason could be the final phase of Google's ambitious plan to make the internet more secure.
Recently, users who want to visit a site without an SSL certificate are no longer taken directly to the site by Google's Chrome browser, but instead receive a warning that they are trying to access an insecure website. This message is likely to deter a significant proportion of potential visitors, resulting in significantly lower traffic on the affected site.
Google announced this step back in January 2017. Since version 56 of Chrome was released at the time, a small "Not secure" warning appeared in the browser's address bar when an http website was accessed. Phase two followed around ten months later with the release of version 62, after which all pages that had input fields and sent this data via an http connection were redirected to the security warning. This was followed by the final step, after which all pages without an SSL certificate can no longer be accessed without further ado.
According to a study by Google, around 75 percent of websites on the Internet now have an SSL certificate, easily recognizable by the "https" in the address bar. The aim of Google's campaign is to increase this figure to 100 percent - by force if necessary, as sites without an SSL certificate have been threatened with a downgrade in Google searches for some time and, as of this week, a security warning in Chrome.
In principle, Google's concern is to be welcomed, as the http protocol is simply not secure, especially when sensitive personal data is transmitted. It also makes it easier for man-in-the-middle attacks to capture passwords, session cookies or credit card information. With an https connection, on the other hand, data is transmitted in encrypted form, making it less easy to intercept the data stream. Nevertheless, operators of smaller websites in particular fear the costs and effort involved in migrating to a secure https connection. But let me tell you: https is free! You can obtain free SSL certificates from sites such as 'CloudFlare' or 'Let's Encrypt'. And moving the site is not too complicated either. Google, for example, has provided detailed instructions in a video as part of the campaign.
You might also be interested in
The danger is real
There are frequent warnings about the dangers of careless use of USB sticks in companies. A study now clearly demonstrates this danger and warns of the extent of the threats.
read more...Hundreds of millions of websites at risk
As of December 2018, PHP version 5.6 will no longer receive security updates. However, most website operators have still not switched to the latest version and therefore run the risk of falling victim to hacker attacks.
read more...Security risk with old fax machines
Due to its connection to the company network, the fax machine has become a security risk in companies: According to the VDE, telephone lines serve as a gateway for hackers. Unlike data lines, they are not protected by special security mechanisms.
read more...No accidental changes to files
CodeMeter 6.80 from Wibu-Systems supports Universal Write Filter (UWF), a Windows option from Microsoft that prevents accidental changes to files, which is particularly important for embedded systems.
read more...Security through network segments
The Microwall Gigabit from Wiesemann & Theis is the first in a series of easy-to-use security products for industry and manufacturing.
read more...Mushroom is the victim of a targeted hacker attack
The automation technology provider Pilz from Ostfildern was the victim of a targeted cyber attack on Sunday, October 13. All server and PC workstations worldwide, including the company's communication network, were affected.
read more...Four out of ten ICS computers are under threat
Kaspersky's latest report on cyber threats for the first half of 2019 shows that 41.2% of ICS (Industrial Control System) computers were exposed to an attack. The energy sector is most frequently affected - including by generic malware.
read more...Kaspersky warns of "ticking time bomb"
More than a third of small companies and more than half of large companies are still using the 'Windows 7' operating system, support for which will expire in five months' time.
read more...Body reaction as a password
Forgot your password? The Paluno Software Technology Institute at the University of Duisburg-Essen (UDE) is researching a new approach that combines biometrics and password protection.
read more...