Google Rolls Out Chrome 46 with Security Improvements

Most users of Google's Chrome browser have seen the unnerving notice: a yellow warning indicating a Web page that has a mix of encrypted and non-secure content. In version 46 of Chrome, launched today, Google is doing away with that warning, as well as making other changes to the browser.

Chrome will now mark pages in the "HTTPS with Minor Errors" state with the same neutral page icon that appears on HTTP pages, instead of with the yellow warning triangle in the browserEUs address field, Google said in a blog post.

"Sometimes, Web sites try to use HTTPS to be secure and get it mostly right, but they have minor errors," according to Lucas Garron and Chris Palmer of Chrome's security team. "Until recently, Chrome marked this security state with a yellow EUcaution triangleEU badge on the page security icon in the URL bar."

Fewer States

Google said the change represents a better visual indication of the security state of the page relative to HTTP, adding that Chrome users will now have fewer security states to learn and understand -- four instead of three, to be exact.

The move, made in conjunction with the release of Chrome 46, is partly intended to encourage Web site owners to be a little more proactive in adopting encryption measures on their sites. Fully encrypted pages will maintain the green HTTPS symbol in the browserEUs address field.

Mixed-content errors often appear on Web sites that are fully encrypted but might also contain elements that are not encrypted. Those kinds of errors are often the result of unencrypted text-based or banner ads hosted by third-party companies not affiliated with the Web sites. A relative minority of advertising networks provide encrypted service, even though itEUs been shown to prevent certain attacks. Google offers this service.

The goal of the new three-state security...

Comments are closed.