Login

Register

Login

Register

#comptia | Google Chrome will block insecure downloads in coming months


Google has revealed plans to initially warn Chrome users about “insecure” downloads and eventually block them outright. “Today we’re announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files,” Joe DeBlasio of the Chrome security team wrote in a blog post. “Insecurely-downloaded files are a risk to users’ security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users’ insecurely-downloaded bank statements.”

Beginning with Chrome 82, due for release in April, Chrome will warn users if they’re about to download mixed content executables from a secure website.

Image: Google

Then, when version 83 is released, those executable downloads will be blocked and the warning will be applied to archive files. PDFs and .doc files will get the warning in Chrome 84, with audio, images, text, and video files displaying it by version 85. Finally, all mixed content downloads — a non-secure file coming from a secure site — will be blocked as of the release of Chrome 86. Right now, Google is estimating an October release for that build of the popular web browsing. The chart below lays out the Chrome team’s current plan:

Image: Google

“In the future, we expect to further restrict insecure downloads in Chrome,” DeBlasio wrote. This is all part of Google’s effort to fully migrate developers over to HTTPS. Last year, Google began blocking HTTPS sites from pulling down insecure page resources.

These warnings are also coming to the Android and iOS versions of Chrome, but the above schedule will be delayed by a release for the mobile platforms.

Chrome will delay the rollout for Android and iOS users by one release, starting warnings in Chrome 83. Mobile platforms have better native protection against malicious files, and this delay will give developers a head-start towards updating their sites before impacting mobile users.



Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW