I’m worried about Chrome’s monopoly over the web, too (Which is even bigger if one considers Chromium and all the Chromium and Blink based browsers), and don’t recommend people use Chrome as their daily driver (Firefox for Windows and Firefox for Android are better on both platforms, and is based on it’s own Gecko engine, not Blink, and isn’t a Chromium spin-off or fork), but this specific change, as described in the article, sounds like a very small thing to improve safety that will impact very few sites that keep themselves updated. Now, if ultimately they block you from downloading any file they don’t like, as you think they eventually will, that definitely *won’t* be fine, but that’s not what the article describes. I don’t use Chrome either, but this change seems fine. To address these risks, we plan to eventually remove support for insecure downloads in Chrome. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users' insecurely-downloaded bank statements.
Insecurely-downloaded files are a risk to users' security and privacy. by tampering with a mixed image of a stock chart to mislead investors" or injecting "a tracking cookie into a mixed resource load". Back then, Google declared that mixed content, another term for insecure content on secure websites, "threatens the privacy and security of users" as attackers could modify the insecure content, e.g. The change is the next step in Google's plan to block "all insecure subresources on secure pages" which it announced last year. The decision won't affect sites that are still accessed via HTTP. Insecure downloads, according to Google, are downloads that originate from HTTPS websites that are not served via HTTPS. Google plans to block all insecure downloads in coming versions of the company's Google Chrome browser.
0 kommentar(er)
