Chrome 70 could break thousands of websites, but that’s their own fault
As a result of using old security certificates, thousands of sites on the internet may stop working as soon as October 16. When Google begins rolling out its next version of the Chrome browser — called Chrome 70 — users navigating to these sites will be greeted with a security warning once Google drops trust for HTTPS security certificates issued by Symantec prior to June 2016.
When Google discovered more than a year ago that Symantec had improperly issued security certificates, it warned that it will drop support for the affected batches of certificates from the security firm. In essence, security certificates issued by Symantec prior to June 2016 won’t be trusted by Chrome 70, and web developers had more than a year to prepare for the change. Security researcher Scott Helme found more than 1,000 sites in the top million websites ranked by Alexa that may be affected by the change once Google rolls out Chrome 70, including a few notable government sites from India and Tel Aviv. A few of the sites on Helme’s list recently changed to new certificates, so they won’t be affected.
In addition to Symantec certificates, users visiting websites using certificates issued by Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL prior to June 2016 will also be greeted with a security warning on Chrome 70, TechCrunch reported.
Google also made recent headlines for some of its efforts in building trust on the internet. The company came under fire with the release of Chrome 69 for trying to hide the “www” portion of a web address in the Chrome omnibox. After users protested, Google reversed course, but it said that the change is still incoming once Chrome 70 launches. An even more radical change that Google is exploring includes killing web addresses altogether. Google hasn’t revealed what the alternative to URLs would be, but the company stated that this is an idea that it is still working on as part of its effort to help build a safer web experience.
Chrome 70 follows on the heels of Chrome’s major redesign with the launch of Chrome 69. The next version of Google’s web browser will introduce new features, such as shape detection and barcode scanning, Web Authentication support with biometric scanners on MacOS and Android where available, and Web Bluetooth support on Windows 10, Google announced. With Chrome 70, Google will also reverse its recent controversial decision to forcibly sign users into the browser once they log into a Google account on the web.
- Google tried to kill ‘www,’ until Chrome users protested the change
- Chrome 70 allows users to opt out of controversial auto sign-in feature
- Your Google Chrome extensions are about to get a lot safer
- Google’s Pixelbook 2 tablet could debut with fingerprint security
- Chrome 69 logs you in without consent, but Google says it’s for your own good