Google Chrome recently updated their browser and due to this update some websites will now be marked as insecure going forward. Furthermore websites that need you to enter information will actually now have a red triangle to discourage users from entering personal information:
So, why are some sites considered to be insecure?
The debate around website security is mainly centered around one letter. Yes, literally one letter. So websites that are considered secure have HTTPS whilst insecure sites only contain HTTP. HTTP stands for Hyper Text Transfer Protocol and this is the way servers and browsers talk to each other. The S added on secure sites (one’s with HTTPS in their url) simply stands for Security and the difference between these two standards is that the more secure HTTPS is encrypted.
Does that mean that every website that uses HTTP is not secure? That actually depends on what you’re doing. If you’re just reading the news and not entering any personal information it doesn’t really matter whether or not the page you’re on is using the https standard.
Here are some of the websites that will be labelled ‘insecure’ in Zimbabwe:
these websites are ranked by their popularity based on Alexa rank:
Some of the names on this list are established organisations that you would not expect to have insecure sites but keep in mind the fact that this is insecure as defined by Google. Other browsers don’t put that label front and centre the way that Google does.
The banks too?
For CABS, a banking institution I was particularly startled that they would leave their website branded as insecure. The only saving grace is that when users attempt to enter the internet banking portal they are taken to a secure page so that should put to rest the fears you have if you bank with CABS.
The institutions who cannot be excused for being on this list are Chinhoyi University of Technology, Vacancy Mail. These websites either contain or ask for sensitive information from users and so you would expect that protecting these users is also a priority.[UPDATE]: An earlier version of this article mentioned Recruitment Matters as being one of the websites that would be labelled as insecure. The site has been updated and is in fact now ‘secure’ and contains the HTTPS standard.