Google is looking to replace URLs with something more secure



Google’s Chrome browser just turned 10. In that short amount of time, the Chrome browser has made a huge impact upon the web. Chrome popularized auto-updates and led the charge toward complete HTTPS web encryption.

Now, Google Chrome looks to the future and they’re fundamentally rethinking URLs.

URLs, or Uniform Resource Locators, are the web addresses we all use every day. They navigate us to the websites we want to see, instead of us having to manage the routing protocols and number strings ourselves.

Unfortunately, most URLs have become increasingly unintelligible. Add in third-party link shorteners and malicious redirect schemes, and it’s difficult to know which links are safe and which lead to dangerous waters.

It’s even worse on mobile devices where there isn’t room to display most of the URL, so you’re clicking on potentially unsafe URLs without even knowing that you’re on the wrong page.

This has all been a boon for cyber criminals that build malicious sites and delight in the confusion. They nefariously impersonate legitimate institutions, run phony web services, launch phishing schemes, and set up malicious downloads effortlessly. All because it’s so confusing for users to know who they’re dealing with online.

Google Chrome’s engineering manager, Adrienne Porter Felt, stated, “People have a really hard time understanding URLs. They’re hard to read, it’s hard to know which part of them is supposed to be trusted, and in general I don’t think URLs are working as a good way to convey site identity. So we want to move toward a place where web identity is understandable by everyone—they know who they’re talking to when they’re using a website and they can reason about whether they can trust them. But this will mean big changes in how and when Chrome displays URLs. We want to challenge how URLs should be displayed and question it as we’re figuring out the right way to convey identity.”

While the need to change URLs is clear, the best way to change them remains unclear.

Right now, the focus is on identifying possible alternatives that will enhance security and identity integrity on the web.

Adding convenience for everyday tasks like sharing links on mobile devices is also part of the equation.

The Chrome team rolled out something called the “origin chip” in 2014 as a potential answer to the URL security problem, but it didn’t prove to be the final workable answer.

With the origin chip, it showed only the main domain name of sites to help users know which domain they were browsing on. If the person wanted to see the full URL they had to click the chip.

While that didn’t work out, the Google Chrome team feels they’re be ready to talk publicly about some of their new ideas as early as this fall or next spring.

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648