People sometimes wonder why the @googlechrome team pushes HTTPS so hard. I've read some good conspiracy theories.
Here's the reality:
-
Show this thread
-
1) Many people on the Chrome team are personally passionate about web security. HTTPS is a foundational part of web security. It's a grassroots effort that worked hard to get leadership support.
5 replies 11 retweets 213 likesShow this thread -
2) We don't think people know or care about the difference between HTTP and HTTPS. Security indicators are nigh impossible to get perfect. If everything is HTTPS, one less thing to bother users about.
3 replies 19 retweets 220 likesShow this thread -
3) ServiceWorkers are revolutionary. They make websites work offline or under flaky network conditions. They're also too powerful to allow over HTTP. If we want the web to use ServiceWorkers, the web must use HTTPS first.
9 replies 27 retweets 235 likesShow this thread -
Replying to @__apf__
They're also too powerful to allow without explicit opt-in. Need a popdown "this site wants to run in the background - allow/deny"!
1 reply 1 retweet 3 likes -
-
Not having a Monero miner running in the background.
1 reply 0 retweets 2 likes
Yes, but not even that. Just doing https pings to the site every so often would let the site track when you're online and how your ip changes (i.e. track your movement).
-
-
Replying to @RichFelker @sporkmonger and
I would go so far as saying even background tabs should not be able to do this without opt-in; certainly sites you explicitly closed should not be able to.
0 replies 0 retweets 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.