HTTPS has largely replaced its less secure predecessor HTTP as the default choice for sending resources over the internet. The key difference between the two is that HTTPS transmits data using an encrypted connection, while data loaded over HTTP is not. Google began marking all sites still utilizing HTTP connections as 'Not Secure' with the release of Chrome 68 last year, and today, Google announced additional plans to inform users when sites utilize an insecure connection. With these latest changes, the Chrome team hopes to address the problem of mixed content. Read More
Earlier this year, the team behind Chrome stated that all HTTP pages will be marked as 'Not secure' later on this year, in a bid to encourage even more site owners to move to the more secure HTTPS standard. We now know a little bit more about planned changes to Chrome's security indicators, including how HTTPS pages will be shown as default pages going forward. Read More
As anyone who uses apps that allow for fingerprint authentication will know, the UI for each app's prompt can differ wildly. Android P will attempt to combat this by providing a new API. Additionally, Google will be blocking cleartext (unencrypted HTTP) by default for apps that use Network Security Configurations. Read More
Google has been planning to mark all HTTP sites as non-secure in Chrome for a while now, but the company is taking baby steps to ensure users (and owners of HTTP-only sites) don't freak out. Chrome already identifies HTTP sites with password or credit card fields as "Not Secure" in the address bar, and Chrome 62 will expand that to any HTTP site with any data entry fields. Read More
Ever noticed how your Android Downloads folder easily gets cluttered with useless files and documents that you viewed once and never needed again? This is especially true of PDF files since Chrome can't open them natively and thus hands them over to other applications, the default being Google Drive's PDF viewer. Well, I noticed a strange thing recently: sometimes PDF files would just load in Drive directly and it seemed that my phone's Downloads folder clutter wasn't getting out of hand as fast as it used to. Some investigation was in order.
Turns out that a new feature crept up in Google Drive's 2.3.544.17 release on January 28. Read More
Just last week, Google announced plans to remove SPDY support from its open source Chromium project early next year, and it would be replaced by the not-yet-official HTTP/2 protocol. Today, the Internet Engineering Steering Group (IESG), the managing component of the Internet Engineering Task Force (IETF), announced that the HTTP/2 and HPACK specs have been formally approved and are on the way to becoming official standards.
For those who may not already know, HTTP/2 (spec) is a network protocol generally used by web browsers for transferring the HTML, images, and other resources that make up web pages – but it is frequently used by countless other types of apps for communication, as well. Read More
If you're the type of person that closely follows networking protocols and web server optimizations, you've probably heard of SPDY. This is Google's re-imagining of the HTTP protocol, designed to reduce latency, streamline data flow, and generally speed up data transmission from a server to your browser. Well, you can forget about it. Google is about to kill SPDY, but for a good reason. The Internet Engineering Task Force (IETF) is getting close to finalizing a major revision to the HTTP protocol, dubbed HTTP/2. The new version, which Google made many significant contributions to, almost completely mirrors the feature set offered by SPDY, including things like multiplexing, header compression, prioritization, and protocol negotiation. Read More