CATEGORIES
home News

New Google Chrome Feature Will Safeguard Web Browser Against Insecure Downloads

by Brittany GoettingSaturday, February 08, 2020, 02:55 PM EDT
online security

Malware is a major problem and spreads easily through insecure downloads over the web. As such, Google's Chrome browser will begin to block "mixed content downloads" in order to guarantee that HTTPS (SSL secured) pages are only able to download secure files. Google's plan will be rolled out over various upcoming iterations of Chrome.

Hypertext Transfer Protocol Secure (HTTPS) pages are intended to be secure ways to send data over a computer network. However, their security can be compromised by mixed content downloads or non-HTTPS secured transmission of files. Mixed content downloads are vulnerable to attackers and can do major damage to users. The plan is for the Chrome browser to therefore slowly block more and more various forms of mixed content downloads over the next year.

This coming March, Chrome 81 for desktop will print a console message warning about all forms of mixed content downloads. Chrome 82 will be released in April and will warn users about executables like “.exe” and “.apx”. Chrome 83 will be the first version to actually block mixed content downloads. It will block executables and then warn users about mixed content archives and disk images like “.zip” and “.iso”.

chrome non https download block
Image via Chromium Blog

Insecure images, audio, video, and text files will be the last downloads to be blocked. All mixed content downloads will be blocked in October 2020 with Chrome 86. Android and iOS Chrome users will not see any warnings until the release of Chrome 83. Google noted that they are trying to give developers a little bit of time to update apps and even web properties.

Joe DeBlasio from the Chrome Security team encourages “...developers to fully migrate to HTTPS to avoid future restrictions and fully protect their users.” Google stated that they do plan to add more download restrictions in the future. Tools such as “Let’s Encrypt” could be a great resource for small companies, institutions, and non-profits who do not otherwise have the funding to switch over to HTTPS, which can be a big migration for certain apps.

Google has also begun to restrict third-party cookies with the recently released Chrome 80. Its new scheme to classify cookies is intended to protect user security and privacy while still allowing some targeted advertising. The plan will be rolled out over the next few months and is currently only available to some early adopters.
Tags:  Chrome, Google, downloads, HTTPS, (nasdaq:goog)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment