Why Google Chrome is flagging millions of sites as ‘not secure’
Majority of the top million sites on internet do not feature HTTPS encryption

Google’s online web browser Chrome is flagging countless websites as “not secure” following the roll-out of a new security feature yesterday.
The update, dubbed Chrome 68, flags any site that does not feature HTTPS (hypertext transfer protocol secure) encryption, a security measure that scrambles signals to and from the site in order to prevent spying.
Users are still able to access unencrypted websites without interference, but Chrome will display a “not secure” sign on the left-hand side of the address bar at the top of the screen.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Clicking on the sign leads to a drop down menu that warns users “against entering any sensitive information into the page, like personal details and credit card info”, says TechRadar.
According to the BBC, “more than half” of the internet’s top million websites are not equipped with HTTPS encryption. The Daily Mail online is the UK’s busiest unencrypted site.
The broadcaster adds that “there is no evidence” to suggest such sites “are currently subject to attacks that abuse insecure data”.
Google hopes its new warning system will gradually push all websites to HTTPS encryption, says CNet. The first attempt to flag non-secure websites was in 2016, when Chrome began issuing warnings to users when they entered a site that didn’t secure passwords or personal details correctly.
In September, Google will introduce another update, Chrome 69, which will change the green hue around “secure” websites to black. This will be followed by version 70 in October, where the “not secure” warning sign will change from black to red.
Is your data secure?
That depends on how users interact with a non-HTTPS website.
According to Wired, all information sent to websites without encryption “can be intercepted by a hacker or other bad actor”. In the most extreme cases, hackers steal confidential information by using a fake website that appears to be legitimate.
There are also privacy implications, the tech news site says. Hypothetically speaking, both an internet service provider (ISP) and a bad actor can monitor a user’s activity on sites that are not encrypted.
The BBC says that “many sites are now rapidly adopting HTTPS as a result of a growing consensus around its use”, and notes that Chrome’s new flagging system may help speed that process.
In the meantime, users accessing “not secure” websites are advised to be wary of submitting personal details.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Hamas frees US hostage in deal sidelining Israel
speed read Edan Alexander, a 21-year-old soldier, was the final living US citizen held by the militant group
-
White Afrikaners land in US as Trump-declared refugees
speed read An exception was made to Trump's near-total ban on admitting refugees for the white South Africans
-
RFK Jr.: A new plan for sabotaging vaccines
Feature The Health Secretary announced changes to vaccine testing and asks Americans to 'do your own research'
-
Google ruled a monopoly over ad tech dominance
Speed Read Attorney General Pam Bondi hailed the ruling as a 'landmark victory in the ongoing fight to stop Google from monopolizing the digital public square'
-
Is 'AI slop' breaking the internet?
In The Spotlight 'Low-quality, inauthentic, or inaccurate' content is taking over social media and distorting search engine results
-
'Mind-boggling': how big a breakthrough is Google's latest quantum computing success?
Today's Big Question Questions remain over when and how quantum computing can have real-world applications
-
DOJ seeks breakup of Google, Chrome
Speed Read The Justice Department aims to force Google to sell off Chrome and make other changes to rectify its illegal search monopoly
-
Google Maps gets an AI upgrade to compete with Apple
Under the Radar The Google-owned Waze, a navigation app, will be getting similar upgrades
-
Is ChatGPT's new search engine OpenAI's Google 'killer'?
Talking Point There's a new AI-backed search engine in town. But can it stand up to Google's decades-long hold on internet searches?
-
'Stunningly lifelike' AI podcasts are here
Under the Radar Users are amazed – and creators unnerved – by Google tool that generates human conversation from text in moments
-
Will the Google antitrust ruling shake up the internet?
Today's Big Question And what does that mean for users?