this post was submitted on 16 Aug 2023
84 points (90.4% liked)

Technology

59132 readers
5810 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
84
Chromium Blog: Towards HTTPS by default (blog.chromium.org)
submitted 1 year ago by [email protected] to c/[email protected]
32 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.world/post/3301227

Chrome will be experimenting with defaulting to https:// if the site supports it, even when an http:// link is used and will warn about downloads from insecure sources for "high-risk files" (example given is an exe). They're also planning on enabling it by default for Incognito Mode and "sites that Chrome knows you typically access over HTTPS".

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 1 year ago (3 children)

Is this just general advice? If so, I agree, but if it's specific to this, what's the problem you see with it?

[–] [email protected] 27 points 1 year ago (1 children)

Google has shown that they're going to go the Microsoft strategy with Browser control. So long as they have majority control, that means they can be as anti-user as they would like, but since everything is downstream of chromium, everyone just basically accepts it. Everything from Google AMP (which was their attempt to take over the web in whole), to their new "Web Integrity API" which aims to lock out any competitors.

[–] [email protected] 8 points 1 year ago

Agreed, but to clarify, I was asking if there was an issue with this specific change (always using https if it's available even if the URL uses http), as it does seem to be a positive that makes me wonder why it's only happening now.

[–] [email protected] 13 points 1 year ago

It is general advice, but https should have been the default for a good while.

[–] [email protected] 6 points 1 year ago (1 children)

If we have to pick just one reason: WEI. As someone who’s been a professional software engineer for a decade and a half, this has the potential to mutate and ruin the internet at large in ways we’re only beginning to fully explore and understand.

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago)

Second reason: killing manifest v2 to kneecap ad-blockers.

Third reason: banning 'trackmenot' extension from the chrome store since its purpose is to muddy search stats (enhancing privacy, but in a way that messes up Google's ad metrics and their history of your preferred search terms).