Today is a day that will live in infamy. Well, perhaps for a few months. This week Google started to flag websites as insecure. In this case, insecure means websites that use plain old vanilla HTTP as the transport protocol to deliver webpages to your browser window. Websites which use HTTPS– secured using the SSL security standard– supposedly will get a higher ranking on Google’s website searches than non-secure websites.
What does all this mean? For most of us, it’s not much ado about not much because many of the popular websites you visit have used HTTPS (secure) for a long time. Even my site, NoodleMac, uses SSL and HTTPS, but I also block cookies, ad tracker scripts, and analytics trackers, and you don’t hear Google say much about the ad blocker trend other than they don’t like it.
Remember, Google is an advertising company. You, when you use Google’s Chrome or search Google or use Gmail or any of the free apps that reside under the colorful, playful Google logo, are part of the product. You’re a user. Not a customer.
That said, secure websites usually are better than non-secure websites, and Google’s push to redefine the web as something more secure should be applauded. Unless you run a bunch of websites that run plain old vanilla HTTP and have need for advanced security. It could cost a small pot of gold to update some websites to HTTPS.
Regardless, where does Apple stand on the HTTPS and SSL trend among websites and Google’s attempts to move things to a more secure status?
If you’re using Safari to view NoodleMac, look to the left side of the URL search bar and you’ll see the somewhat ubiquitous Padlock which indicates a secure website. No Padlock means no SSL security. I tried viewing NoodleMac and a few other Villagers websites in Safari, Chrome, Firefox, Vivaldi, Brave, and other browsers which much the same result.
Sites secured by SSL display a padlock. Sites that use vanilla HTTP do not. But Google wants to list them as insecure sites.
Does this extra layer of security matter?
Yes. And no. If you’re logging into a website that you frequent– bank, online store, forums, business site, or whatever that does more than just display pages– yes. SSL gives more security. If you’re viewing photos in an online gallery, well, even then, SSL security is better.
What Google is doing by pushing the interwebs to a more secure standard is a good thing, worthy of consideration. But lets not forget that Google is worse than Facebook when it comes to extracted, culled, and pilfered personal information. Google’s online advertising systems– themselves more advanced tracking systems than Facebook– are nearly ubiquitous and almost impossible to avoid.
Except on NoodleMac. Unless you found the website via Google. Then you were tracked here.
What about Apple? Our favorite iPhone and Mac company could do more to help make the interwebs a secure place. An option to require or force SSL would help. So would an Apple sponsored VPN (virtual private network) for customers. So would full on end-to-end encryption with a private key for iCloud files.
Much can be done to secure our online lives. Both Google and Apple can do more than they’re doing now.