Google has revealed that the next version of the Chrome browser will initially warn users about “insecure” downloads and will block them entirely in future versions.
According to a blog post, Google writes that it will eventually start blocking mixed content downloads aka non-secure files from secure websites (HTTPS). This will include software executables such as .exe, .apk files, documents, media files and more.
Insecurely-downloaded files are a risk to users’ security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users’ insecurely-downloaded bank statements.
Google will start warning users about the mixed content downloads with Chrome 81, rolling out next month. In the following months, Chrome will increase the scope of warnings for different files.
By September, Chrome would warn users on downloads of images, audio, video, and text but would have started blocking all other files. Eventually, Google Chrome will start blocking all mixed content files from Chrome 86, due for release in October 2020.
The same goes out to Google Chrome for Android and iOS devices as well. However,
“Chrome will delay the rollout for smartphone users by one release, starting warnings in Chrome 83.”
Google writes that this will give a headstart to developers for updating their websites on time.
Blocking insecure downloads doesn’t guarantee that all downloads will now be malware-free. But, it will make sure that the download isn’t being meddled with from the server.