Most web traffic online is now sent over an HTTPS connection, making it “secure.” In fact, Google now warns that unencrypted HTTP sites are “Not Secure.” So why is there still so much malware, phishing, and other dangerous activity online?
“Secure” Sites Just Have a Secure Connection
Chrome used to display the word “Secure” and a green padlock in the address bar when you were visiting a website using HTTPS. Modern versions of Chrome simple have a little gray lock icon here, without the word “Secure.”
That’s partly because HTTPS is now considered the new baseline standard. Everything should be secure by default, so Chrome only warns you that a connection is “Not Secure” when you’re accessing a site over an HTTP connection.
However, the word “Secure” is also gone because it was a little misleading. It sounds like Chrome is vouching for the contents of the site as if everything on this page is “secure.” But that’s not true at all. A “secure” HTTPS site could be filled with malware or be a fake phishing site.
HTTPS Stops Snooping and Tampering
HTTPS is great, but it doesn’t just make everything secure. HTTPS stands for Hypertext Transfer Protocol Secure. It’s like the standard HTTP protocol for connecting to websites, but with a layer of secure encryption.