Half-secure not good enough for Chrome users says Google

Most users of Google’s Chrome browser have seen the unnerving notice: a yellow warning indicating a Web page that has a mix of encrypted and non-secure content. In version 46 of Chrome, launched today, Google is doing away with that warning, as well as making other changes to the browser. Google gave two reasons for this change in the blog post announcing the update: a better visual indication of the security state of the page relative to HTTP and fewer security states to learn for users.

“Removing the yellow “caution triangle” badge means that most users will not perceive a warning on mixed content pages during such a migration”.

As you can see above, there are now three page security states in Chrome, rather than four. It’ll still be part of Chrome OS. The company says: “During this process, the site may not be fully secured, but it will usually not be less secure than before”. Only a handful of ad networks provide an encrypted service (though Google itself does), despite the security benefit it offers, such as preventing man-in-the-middle attacks. Google’s Chrome browser started supporting push notifications from web apps to the desktop five years ago and a few years later, it introduced a consolidated notification center for messages from web apps and extensions. If there’s any HTTP element on a website, a blank page icon will show up instead. It plans to eventually reduce the number of states to two, either “secure”, or “not secure”.

“For developers and other interested users, it will still be possible to tell the difference by checking whether the URL begins with ‘https://'”.

Since then, the company has reworked its approach to desktop (and mobile) Chrome notifications by adopting what it described last spring as “the new emerging web standard for push notifications”.

It’s worth noting that ChromeOS will still feature the notification center.