Illustration by Alex Castro / The Verge
Google has revealed plans to initially warn Chrome users about “insecure” downloads and eventually block them outright. “Today we’re announcing that Chrome will gradually ensure that secure (HTTPS) pages only download secure files,” Joe DeBlasio of the Chrome security team wrote in a blog post. “Insecurely-downloaded files are a risk to users’ security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users’ insecurely-downloaded bank statements.”
Beginning with Chrome 82, due for release in April, Chrome will warn users if they’re about to download mixed content executables from a secure website.
Then, when version 83 is…