wordpress blog stats
Connect with us

Hi, what are you looking for?

, ,

Google Chrome to gradually block all ‘mixed content downloads’

Google Chrome will “gradually” block non-HTTPS downloads started on secure pages (mixed content downloads) starting from June 2020, and will eventually block all mixed content downloads by October 2020, it announced in a blog post on February 6. Starting April 2020, Chrome will start warning users whenever they download non secure files such as executables (.exe) on secure pages, which is significant, because in Google’s own admission, it currently gives no indication to the user that their privacy and security are at risk. In October 2019, Google had said that it was planning to block mixed content downloads.

“Insecurely-downloaded files are a risk to users’ security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users’ insecurely-downloaded bank statements. To address these risks, we plan to eventually remove support for insecure downloads in Chrome,” it said in the blog post.

What exactly are mixed content downloads? Mixed content occurs when initial HTML is loaded over a secure HTTPS connection, but other resources (such as images, videos, stylesheets, scripts) are loaded over an insecure HTTP connection. This is called mixed content because both HTTP and HTTPS content are being loaded to display the same page, and the initial request was secure over HTTPS, explained Google.

How Chrome plans to eventually block mixed content downloads: 

As per the blog post, file types that pose the “most risk” to users will be dealt with first, with subsequent releases covering more file types. The measures will be rolled out in the following order:

Advertisement. Scroll to continue reading.
  • Chrome 81 (released March 2020) and later: Will print a console message warning about all mixed content downloads.
  • Chrome 82 (released April 2020): Will warn on mixed content downloads of executables (e.g. .exe).
  • Chrome 83 (released June 2020): Will block mixed content executables and will warn on mixed content archives (.zip) and disk images (.iso).
  • Chrome 84 (released August 2020): Will block mixed content executables, archives and disk images and will warn on all other mixed content downloads except image, audio, video and text formats.
  • Chrome 85 (released September 2020): Will warn on mixed content downloads of images, audio, video, and text and will block all other mixed content downloads.
  • Chrome 86 (released October 2020) and beyond: Will block all mixed content downloads.

Courtesy: Google

Google justified the phased rollout of the feature as being “designed to mitigate the worst risks quickly, provide developers an opportunity to update sites, and minimize how many warnings Chrome users have to see”. Also, Chrome will delay the rollout for Android and iOS users by one release, and Chrome users on Android and iOS will receive the 83 version first, since “mobile platforms have better native protection against malicious files, and this delay will give developers a head-start towards updating their sites before impacting mobile users,” according to Google.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

News

By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...

News

By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

You May Also Like

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ