Try out brand new Chrome Browser features in a pre-release build. Choose this option if you want to install the beta version of Chrome Browser to test its functionality and performance in your environment. Get the 64-bit and 32-bit beta bundles. Chrome beta MSI (64-bit) Chrome v.
HTTPS Being the widely used and default protocol now, will not be catering to websites that do not support it. In such cases, Chrome will bounce back to HTTP instead of HTTPS. Meaning, if a local host tries to access a website that does not support HTTPS, Chrome will fall back on the HTTP protocol instead of the updated HTTPS feature. Chrome is a very popular web browser designed to be fast and lightweight. It was developed by Google in order to make surfing the web easier even as technology changes. Chrome has an incredibly minimalist interface with very few buttons or menus. This is intended to maximize the amount of screen space available for displaying websites. Small programs that add new features to your browser and personalize your browsing experience.
We have been constantly updating you on Google’s every step to make the internet a paradise. We previously informed you about the Google Chrome update and similar movements initiated by Firefox as well.
To make the ‘www’ more secure for all the Chrome users across the world, Google has come up with its latest update; Chrome update version 90. In this article, we are going to brief you on what the updates mean for you and shed light on Google’s plan to make the internet a better place for netizens.
Now, all websites will be automatically loaded in ‘HTTPS as a default instead of the previously used ‘HTTP’. This update allows websites to load faster and ensure safe navigation. Websites not supporting ‘HTTPS’ will fall back onto ‘HTTP.
Having a ‘Not secure’ prompt display in your website’s URL is a major downside to the website’s user experience as well as conversion rate. Over the years, customers have run away from the default HTTP unsecured websites. Bearing this in mind, Google came up with its latest feature for website owners to ensure a much reliable experience. Find out how!
HTTPS has been consistently faster and secure than the default HTTP protocol for decades. With this situation in mind, Google found an excellent opportunity to revamp into a much secure and user-friendly experience. Realising that users type incomplete URLs while accessing websites, Google decided to update Chrome 90, through which users will be redirected to the secure HTTPS without specifying the protocol.
As per the latest data from Google’s Transparency Report, 95% of websites use encryptions to safeguard their conversions, bounce rate, and traffic. This security improvisation was announced in March 2021 in the Chromium Project blog along with other Chrome 90 updates. Compared to the other updates like video conferencing and reduced data consumption, the safe HTTPS navigation update received the limelight.
In the competition for (HTTP:// vs HTTPS://), HTTPS certainly wins as it is a safer navigation option for users. This implies if you visit a website let us say ‘safe.com’ on your browser, Google will load the website as ‘https://safe.com’. Here, Google discards the usual ‘http://safe.com’ completely making the ‘HTTPS’ default.
Also, read our guide on the difference between HTTP & HTTPS
Making the shift of automatically loading HTTPS as the default protocol for websites, has proved to improve the website’s loading speed along with privacy measures. HTTPS Being the widely used and default protocol now, will not be catering to websites that do not support it.
In such cases, Chrome will bounce back to HTTP instead of HTTPS.
Meaning, if a local host tries to access a website that does not support HTTPS, Chrome will fall back on the HTTP protocol instead of the updated HTTPS feature. This is also inferred upon certificate errors, untrusted self-signed certificates, connections errors, etc.
The Chrome 90 update overcomes Google’s historical scheme of loading default HTTP web pages resulting in the daunting ‘Not Secure’ warning. Over the years, this has driven away potential customers from businesses.
Why does the shift to HTTPS as a default matter?
Shifting to HTTPS as the default browser can have a positive impact on loading websites as Google presumes that most websites are using SSL/TLS certificates. Considering most websites do use these certificates, will this have a negative impact on those who do not? Absolutely not. The websites not having these certificates will still load. However, the browser will give HTTPS the first try and then go back to loading with HTTP.
Here are a few reasons for Google’s HTTPS update:
Keeping our data secure: It is no secret that most users do not type the complete URL while visiting a website since most use HTTPS anyway. This allows Google to assume that people wish to keep their data secure using encryption. Basically, this is Google’s boon to prevent costly data breaches and insecure connections.
Google’s Security Policy: Google strongly believes in maintaining a secure and qualitative website. Apart from this, strong encryption is the most fundamental and crucial aspect leading to safety and security in the cyber world. Google is working towards strong support encryptions in all its products and services ensuring the users safer navigation.
HTTPS used by 95% of websites: People owning websites all over the internet run away from the ugly ’not secure’ display. Be it a customer or the website owner itself, nobody likes it. This led to most websites using an SSL/TLS certificate which meant that they were legit.
Now, this resorted to 95% of websites following the same security measure. Now catering to most websites, it is quite logical for Google to allow HTTPS as a default. This helps websites to improve their conversion rate along with users having safer navigation options.
Summarizing Google Chrome 90 update, in a nutshell, all websites will be automatically loaded in ‘HTTPS’ as a default instead of the previously used ‘HTTP’. This update allows websites to load faster and ensure safe navigation. Websites not supporting ‘Https’ will fall back onto ‘HTTP.
Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS.
Chrome 90 fixes 37 security bugs, including a zero-day used at the Pwn2Own competition and publicly released Monday on Twitter.
Originally scheduled for release yesterday, it is believed Google pushed it back a day to fix the zero-day vulnerability.
Today, Google promoted Chrome 90 to the Stable channel, Chrome 91 as the new Beta version, and Chrome 92 will be the Canary version.
Windows, Mac, and Linux desktop users can upgrade to Chrome 90 by going to Settings -> Help -> About Google Chrome. The browser will then automatically check for the new update and install it when available.
HTTPS is now the default protocol
With the release of Chrome 90, any URL entered in the address bar that does not contain a protocol (https:// or https://) will automatically be considered to be an HTTPS connection.
For example, if you type example.com in the address bar and press entered, Google Chrome previously would attempt to connect to the URL using the http:// protocol.
With Chrome 90, Google has switched the default protocol to https:// to increase security while browsing the web. Furthermore, as many sites redirect HTTP connections to HTTPS connections, this new default will increase performance as browsers will no longer be redirected.
However, there are some exceptions to this new rule.
In a blog post announcing this feature, Google noted that 'IP addresses, single label domains, and reserved hostnames such as test/ or localhost/ will continue defaulting to HTTP.'
This feature is currently rolling out to Chrome users, so it may not be available to everyone as of yet.
Continued NAT Slipstreaming protection
Chrome 90 includes additional protection from NAT Slipstreaming attacks by blocking FTP, HTTP, and HTTPS connected on port 554.
NAT Slipstreaming attacks abuse a router's Application Level Gateway (ALG) feature to gain access to any port on an internal network, potentially allowing threat actors to gain access to services that are normally secured by the router.
This port was previously blocked to prevent attacks but was opened again after Google received complaints from developers.
After performing further analysis of this port, Google has determined that it is used for only approximately 0.00003% of all requests. Due to its low usage, Google is once again blocking it.
Google Chrome gets an AV1 Encoder
With Chrome 90, Google now includes an AV1 encoder to increase performance in videoconferencing software using WebRTC.
Google states that the benefits of the AV1 Encoder are:
- Better compression efficiency than other types of video encoding, reducing bandwidth consumption and improve visual quality
- Enabling video for users on very low bandwidth networks (offering video at 30kbps and lower)
- Significant screen sharing efficiency improvements over VP9 and other codecs.
Google Tab Search continues to roll out
Google Chrome Tab Search feature continues to roll out in Chrome 90, with hopefully more users getting it without having to enable it via a flag.
The Tab Search feature allows you to search through your open tabs among all open browser windows to find a specific page.
If you are like me and have 50+ tabs open at once, trying to find a particular page among all your open browser windows is a major pain.
With Tab Search, you can click on the little down arrow to the right of your tabs and search for a particular keyword found in a page's title or URL. Tab Search will then display a list of open tabs that match that search keyword and allow you to quickly select and make the the active one.
Developer changes in Chrome 90
This release brings numerous new APIs, trials, and changes to Google Chrome. Below we have listed the main developer changes:
- There's a new value for the CSS
overflow
property. - The Feature Policy API has been renamed to Permissions Policy.
- And there's a new way to implement and use Shadow DOM directly in HTML.
- Clipboard: read-only files support
- WebAssembly Exception Handling
- URL protocol setter: New restrictions for file URLs
- WebXR Depth API
- WebXR AR Lighting Estimation
Google Chrome Website Download
For more details, be sure to check out the Chrome 90 developer changes blog post.