Autumn Web Browser Changes

Chris Booth :: Tuesday 24th July 2018 :: Latest Blog Posts


Google, who make the Chrome web browser, are planning to make changes to the way they label some websites this Autumn.  Mozilla, who make Firefox and are funded almost entirely by Google, have lead the way on this and have been labelling some sites as "insecure" for a while.

Websites which are not registered for an encryption certificate will be labelled as "Insecure."  These changes will not change the way your site appears in Google Search but may result in pop-up warnings appearing in the visitor's web browser once they are looking at your website.

A number of The Web Booth customers have been in-touch about this, some of them in "Chicken Little" sky-falling scenarios.  Extra warnings in a popular web browser like Chrome are worth mentioning but you don't need to panic.

For an idea of what to expect let's look at what both Chrome and Firefox do now.

Information icon in Chrome browser
At the moment both Chrome and Firefox show a little (i) in the address bar.  If you click the (i) in Chrome you get this...

Popup in Chrome browser - not secure!
If you try and fill in a form the address bar changes to this in the latest versions of Chrome...

Chrome browser not secure warningNot secure!

In Firefox, right now, your address bar will sprout a red padlock if you try and complete a form on an unencrypted website

Firefox address bar padlock

And also this attached to each form field as you type into it.

Firefox form warning
There is plenty of time between now and October, it seems that Google are planning on turning up the heat every few weeks.  This seems to be what they are aiming for Chrome to do.

New chrome warning for autumn 2018
 
As you start filling in a form, the title bar will change to red with a cute animation.  Not really the sky falling and probably less invasive than what Firefox already does.

Why is this happening?

The reasons for this change are complex.

There are genuine concerns that people can view or modify information you type into a web browser.  In practice the only people who can do this easily are governments and whoever owns the cables you are using.  Although it is technically possible for anyone to view or modify Internet traffic and it has happened, it's not (touch wood) common because it's difficult to do.

So we need to look for other reasons and there are two of them...

  1. Revelations, a few years ago, about massive-scale government surveillance really annoyed cryptologists and Internet programmers and they are still determined to put a stop to it.  Many of these people work for Google.
  2. Some countries, particularly the US and developing countries, have monopolist Internet Service Providers who add adverts to web pages their customers view.  Encryption would stop this and Google executives don't want anyone but Google putting adverts on third-party websites.

Do I need an encryption certificate and how do I get one?

Sooner or later, yes but there's no rush.

Most websites don't actually need encryption but it will reduce the chances that your customers will be put off by warnings and it may boost your performance with search engines a bit.  The cost of registering a website for an encryption certificate is so low that you should probably do it.

You get a certificate by asking us.

If you have a new website or if we have updated your site recently then you probably have a certificate already.  We have been adding them as we go along all year.

  • If your web address starts with "https://" then you have a certificate.
  • Websites starting with "http://" are unencrypted.

How much do certificates cost?

Certificates are either free or reassuringly expensive.  We would suggest a free certificate for almost everyone.  In the unlikely event that you can't make do with a free certificate, we will let you know.

Unfortunately adding a certificate moves your website's address.  This means we need to make changes to your website and resubmit it to search engines.  As a result we are charging a one-off fee of £50.00 to add the certificate.

If you want us to add a certificate to your website sooner rather than later, get in touch on 0172 555 2430 or email chris@thewebbooth.co.uk