Over the weekend, a Google engineer on the Chrome development team made a powerful statement on Twitter listing four reasons why HTTPS is important for all web publishers and their site visitors. The engineer, Adrienne Porter Felt, is a software engineer and manager on the Google Chrome Security Team, and she has a deep understanding of this issue.
1. HTTPS is Not Just About Google
“HTTPS is a foundational part of web security.”
Many people associate the move to HTTPS with Google. However, the transition to a secure Internet began in 1994 with Netscape when it invented the SSL protocol. Web publishers, eCommerce, the Electronic Frontier Foundation, Mozilla (developers of Firefox), and web technology programmers are all invested in a secure Internet. Every publisher has a stake in adopting HTTPS and stands to benefit, even non-profit publishers who are informational and don’t serve advertising.
2. HTTPS Enables a Trouble-Free Internet
“If everything is HTTPS, one less thing to bother users about.”
HTTPS is essential for creating an Internet that focuses on the user experience. Users should be able to access websites, see advertisements, and buy products without worrying about website security, advertisements, or online payments.
3. HTTPS Enables Browser Service Workers
Browser service workers are scripts that browsers run in the background to perform automatic tasks like push notifications and background syncs. Background syncs are web APIs that allow tasks (like sending a message) to be completed without waiting for a weak connection. They store the task in the cache and complete it in the background, letting you continue with your activities. HTTPS security is absolutely vital for Browser Service Workers, which is essential for modern web functionality.
Chrome Engineer Adrienne Porter Felt Discusses Service Workers:
“ServiceWorkers are revolutionary. They make websites work offline or under flaky network conditions. They’re also too powerful to allow over HTTP. If we want the web to use ServiceWorkers, the web must use HTTPS first.”
Google’s Developer page on background syncs explains:
“The desired user experience is more like:
- Phone out of pocket.
- Achieve minor goal.
- Phone back in pocket.
- Resume life.
Unfortunately, this experience is frequently broken by poor connectivity.”
4. The Internet Should Be Safe
HTTPS ensures that the Internet is safe for all online activities. This is especially crucial when your Android or iPhone identity is tied to passwords also associated with online wallets, registrations, and more.
If someone gains access to your email password, they are only one step away from obtaining passwords to any bank, PayPal, Amazon, and finance-related accounts tied to that email. All they need to do is initiate a password reset.
HTTPS helps keep Internet transactions secure, especially on public WiFi. It helps lock down personal information, contributing to a safer Internet and reducing worries.
Adrienne’s tweet summarized it as:
“From a business perspective, we want people to both feel and be safe online. If they enjoy the web — if it’s fun and reliable and SAFE — we hope they’ll spend time using our product (Chrome).”
HTTPS Protects Your Website
Many publishers are unconvinced of the benefits of moving to HTTPS. Some dismiss it as a “browser fad.” However, there are clear benefits for publishers in upgrading to HTTPS.
A secure connection prevents third parties like ISPs or public WiFi networks from injecting ads onto your website. HTTPS ensures a better user experience and secures that you are the only one monetizing your website. According to Google’s Developer Page on why HTTP matters:
“HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers and legitimate but intrusive entities, such as ISPs or hotels that inject ads into pages.”
Full Text of Tweet:
- “Many people on the Chrome team are personally passionate about web security. HTTPS is a foundational part of web security. It’s a grassroots effort that worked hard to get leadership support.
- We don’t think people know or care about the difference between HTTP and HTTPS. Security indicators are nigh impossible to get perfect. If everything is HTTPS, one less thing to bother users about.
- ServiceWorkers are revolutionary. They make websites work offline or under flaky network conditions. They’re also too powerful to allow over HTTP. If we want the web to use ServiceWorkers, the web must use HTTPS first.
- From a business perspective, we want people to both feel and be safe online. If they enjoy the web — if it’s fun and reliable and SAFE — we hope they’ll spend time using our product (Chrome).”
More Reading
Image by Shutterstock, modified by Author
