The big picture: Google argues that all websites should be protected with HTTPS, even if they don't handle sensitive communications. In today's privacy-conscious landscape, that's hard to argue with.
The latest version of Chrome will mark all HTTP sites as “not secure.” Up to this point, only a subset of HTTP pages was marked as “not secure” in the browser. The search giant intentionally made the transition a slow one in order to give developers plenty of time to move their sites over to a secure connection.
As of this past February, more than 68 percent of Chrome traffic on Android and Windows was protected (the figure climbs to more than 78 percent on Chrome OS and Mac). Furthermore, 81 of the top 100 sites on the web now use HTTPS by default.
While most would agree that HTTPS is a good thing, not everyone is convinced. This led security researcher Troy Hunt to theorize that those against the broad adoption of HTTPS are simply pushing back because they feel they have lost control and are being “forced” to move due to Chrome’s impending changes.
Hunt has also put together an informative blog post on the matter and published a 24-minute video detailing why static websites need HTTPS.
Developers looking to transition their sites to HTTPS are encouraged to check out Google’s set-up guides for more information.