Despite several initiatives to improve internet security standards, far too many companies are falling short of meeting them. Google is now going to start taking matters into their own hands. We’ve previously reported how they will start to automatically block ads and potentially dangerous cookies and how Microsoft is looking to block a variety of bad downloads. Now Google is going to apply even more strict measures to insecure downloads and has released a timeline for when they will start blocking certain types of downloads that come from sites that are secure (HTTPS).
The company announced the news in a blog post, here they also revealed a timeline for how they will slowly change from warning users if particular content to blocking all media and downloads entirely:
Today we’re announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files. Insecurely-downloaded files are a risk to users’ security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users’ insecurely-downloaded bank statements.
The company will start with the rollout of these changes from their Chrome 82 release which is scheduled for April and then ramp up the restrictions with each subsequent release.
These warnings are also coming to the Android and iOS versions of Chrome, but the above schedule will be delayed by a release for the mobile platforms.
Chrome will delay the rollout for Android and iOS users by one release, starting warnings in Chrome 83. Mobile platforms have better native protection against malicious files, and this delay will give developers a head-start towards updating their sites before impacting mobile users.
So, if you for some reason like to frequent and download stuff from dodgy sites, well expect that to change. Though you shouldn’t visit those sites. The internet should have come far enough for people and companies to know better, but sadly that is not the case.
Last Updated: February 17, 2020