Skip to main content
  1. Home
  2. Computing
  3. News

Google is cracking down on internet security in this big way

By
Connection is not private warning from Google.
Google

Google is making some serious changes to digital certificate security on the web, the company announced on its Security blog. The big news is that Google will no longer trust certificates from two large security firms — Entrust or AffirmTrust — due to repeated security lapses.

According to Google, the companies, which are Certificate Authorities (CA), have demonstrated patterns of unmet improvement commitments, compliance failures, and no measurable progress in how fast the company responds to publicly disclosed incident reports.

Recommended Videos

Digital certificates are an online file that authenticates and secures the data of a site, and they’re frequently the target of hackers. Exploiting a vulnerable digital certificate can be a huge deal for online security, hence why Google’s taking the measure so seriously.

As a result of Google’s decision, Chrome users will see warnings about untrusted connections as early as October 31, 2024. According to Entrust, however, certificates issued before then will remain valid and trusted by Google.

Users will see this warning regarding TLS server authentication certificates when they update to Chrome 127+ and the ERR_CERT_AUTHORITY_INVALID error when they access this type of site. Sites that use Entrust include merrilledge.com, moneygram.com, and ey.com.

You can always check if a connection is secure by clicking the “Tune” icon in Chrome on the left of the address bar > Connection is secure > Certificate is valid. Website owners can rest easy if the organization field under the “Issued By” heading doesn’t list Entrust or AffirmTrust.

Valid certificate on Digital Trends.
Judy Sanhz / Digital Trends

Google is advising website owners to move to a new publicly trusted CA Owner as soon as possible before the deadline. It is also likely that this may set a precedent for future actions by the tech giant regarding other Google products.

However, it’s worth noting that Enterprise customers will have the option of continuing to trust Entrust if that is what they choose to do.

This isn’t the first time Google has warned companies to clean up their act. In 2015, they also gave Symantec an ultimatum concerning unauthorized HTTPS certificates that employees had been issuing. Despite the news of sites being tagged unreliable, there are ways you can dramatically increase security in Google Chrome, such as by encrypting your passwords.

Editors’ Recommendations

Topics
Judy Sanhz
Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
Google Search has a new way of preserving internet history
Google logo at the company's campus in California.

After retiring cached results at the start of the year, Google is now, as reported by The Verge, adding embedded Internet Archive links to search results so we can still view older versions of websites.

You'll find the new Wayback Machine links right where the cached links used to be by clicking the three dots next to a link in the results and selecting "More about this page." The option to "See previous versions on Internet Archive" should be at the bottom of the page. Changes to the search engine can take a while to consistently show up for everyone, so keep checking back if you can't see it yet.

Read more
There’s a scary new way to undo Windows security patches
Windows 11 logo on a laptop.

Security patches for Windows are essential for keeping your PC safe from developing threats. But downgrade attacks are a way of sidestepping Microsoft's patches, and a security researcher set out to show just how fatal these can be.

SafeBreach security researcher Alon Leviev mentioned in a company blog post that they'd created something called the Windows Downdate tool as a proof-of concept. The tool crafts persistent and irreversible downgrades on Windows Server systems and Windows 10 and 11 components.

Read more
More AI may be coming to YouTube in a big way
a content creator recording a thing in the kitchen with a bowl of food

YouTube content creators could soon be able to brainstorm video topic, title, and thumbnail ideas with Gemini AI as part of the "brainstorm with Gemini" experiment Google is currently testing, the company announced via its Creator Insider channel.

The feature is first being released to a small number of selected content creators for critique, as a spokesperson from the company told TechCrunch, before the company decides whether to roll it out to all users. "We're collecting feedback at this stage to make sure we're developing these features thoughtfully and will improve the feature based on feedback," the video's host said.

Read more