Chrome is going for default HTTPS
Hains Jose
Security Operations Team Lead @ LCM Security Inc. | Cybersecurity Expert | GIAC Certified Incident Handler | Fortinet Certified Professional | Security+
Yes, it's true Google chrome is making HTTPS as default for incomplete URLs.
What is HTTP and HTTPS?
Hypertext Transfer Protocol (HTTP) is an application-layer protocol for transmitting hypermedia documents, such as HTML. It was designed for communication between web browsers and web servers, but it can also be used for other purposes.
Hypertext Transfer Protocol Secure (https) is a combination of the Hypertext Transfer Protocol (HTTP) with the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol. TLS is an authentication and security protocol widely implemented in browsers and Web servers
The difference is HTTP use port 80 to send data while HTTPS use port 443 with the help of SSL/TLS
Is HTTP unsecure?
When you load a website over plain HTTP, your connection to the site is not encrypted. This means anyone on the network can look at any information going back and forth, or even modify the contents of the site before it gets to you. With HTTPS, your connection to the site is encrypted, so eavesdroppers are locked out, and information (like passwords or credit card info) will be private when sent to the site.
Advantages of using HTTPS in chrome
As of February 2021, Google Chrome accounted for around 46.81 percent of overall internet browser market share in the United States.
https://www.statista.com/statistics/276738/worldwide-and-us-market-share-of-leading-internet-browsers/
As of December 2020, Google Chrome accounted for about 66 percent of the global desktop internet browser market share. Around half of the world's population uses the internet on a regular basis, and web browsers serve as the channel through which users from across the globe access the internet each day.
https://www.statista.com/statistics/544400/market-share-of-internet-browsers-desktop/#:~:text=As%20of%20December%202020%2C%20Google,access%20the%20internet%20each%20day.
This is huge! If chrome is secured with default HTTPS, we say we are secured.
Be it as it may, the Internet now has more than 4 billion users, content consumers, shoppers and the like. The combination of user demand (site visitors are more conscious of data security than ever before), regulations (e.g. PCI DSS), and encouragement from browsers (e.g. plans to flag HTTP sites as non-secure), makes it clear that the full transition from HTTP to HTTPS will soon be due.
Reference
https://blog.google/products/chrome/milestone-chrome-security-marking-http-not-secure/
https://www.techradar.com/news/google-chrome-is-making-https-the-default-for-incomplete-urls#:~:text=Google%20Chrome%20update%20makes%20HTTPS%20the%20default%20for%20incomplete%20URLs,-By%20Joel%20Khalili&text=Google%20will%20soon%20roll%20out,the%20more%20secure%20HTTPS%20protocol.
https://www.zdnet.com/article/chrome-will-soon-try-https-first-when-you-type-an-incomplete-url/
https://www.ghacks.net/2021/01/04/chrome-will-soon-try-https-first-when-a-user-types-an-address-in-the-browser/