In January, Google plans to release a new version of Chrome that begins the path to considering non-encrypted HTTP web connections insecure. This move could help accelerate the industry towards using HTTPS everywhere, which on the surface is good for security and privacy. However, these encrypted connections also introduce a small black cloud to our security as well. Watch the video below to learn more about the Chrome change and its wider implications on InfoSec.
Episode Runtime: 3:42
Direct YouTube Link: https://www.youtube.com/watch?v=gVJogiidNIw
EPISODE REFERENCES:
- Google’s blog post on upcoming HTTP changes to Chrome – GoogleBlog
- Encryptions hides half of cyber attacks – Computer Weekly
- HTTP Public Key Pinning – Wikipedia
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply