Skip to main content

Google is cracking down on internet security in this big way

Connection is not private warning from Google.
Google

Google is making some serious changes to digital certificate security on the web, the company announced on its Security blog. The big news is that Google will no longer trust certificates from two large security firms — Entrust or AffirmTrust — due to repeated security lapses.

According to Google, the companies, which are Certificate Authorities (CA), have demonstrated patterns of unmet improvement commitments, compliance failures, and no measurable progress in how fast the company responds to publicly disclosed incident reports.

Digital certificates are an online file that authenticates and secures the data of a site, and they’re frequently the target of hackers. Exploiting a vulnerable digital certificate can be a huge deal for online security, hence why Google’s taking the measure so seriously.

As a result of Google’s decision, Chrome users will see warnings about untrusted connections as early as October 31, 2024.

Users will see this warning regarding TLS server authentication certificates when they update to Chrome 127+ and the ERR_CERT_AUTHORITY_INVALID error when they access this type of site. Sites that use Entrust include merrilledge.com, moneygram.com, and ey.com.

You can always check if a connection is secure by clicking the “Tune” icon in Chrome on the left of the address bar > Connection is secure > Certificate is valid. Website owners can rest easy if the organization field under the “Issued By” heading doesn’t list Entrust or AffirmTrust.

Valid certificate on Digital Trends.
Judy Sanhz / Digital Trends

Google is advising website owners to move to a new publicly trusted CA Owner as soon as possible before the deadline. It is also likely that this may set a precedent for future actions by the tech giant regarding other Google products.

However, it’s worth noting that Enterprise customers will have the option of continuing to trust Entrust if that is what they choose to do.

This isn’t the first time Google has warned companies to clean up their act. In 2015, they also gave Symantec an ultimatum concerning unauthorized HTTPS certificates that employees had been issuing. Despite the news of sites being tagged unreliable, there are ways you can dramatically increase security in Google Chrome, such as by encrypting your passwords.

Judy Sanhz
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
Google has a great idea to fix your tab chaos in Chrome
Google Drive in Chrome on a MacBook.

If you use Google Chrome and are sick of managing an unruly mass of tabs in your web browser, help may soon be at hand. That’s because Google is testing a new feature that could bring order to your tab chaos.

As spotted by Leopeva64 on X (formerly Twitter), a new edition of Google Chrome Canary (a version of Chrome that lets users test out experimental features) contains a new tool called Organize Tabs nestled in the top-left corner of the browser.

Read more