The major Aussie websites that aren't secure
RENOWNED cyber security expert Troy Hunt has called out some of Australia's most visited websites for not being secure.
Among those that don't encrypt the data travels between users and the website include Australia's Bureau of Meteorology website, AFL.com.au, Whirlpool.com.au and the ABC website.
These websites are among a minority that do not use HTTPS - the secure version of the web's underlying data transfer protocol. The 'S' part of the acronym is the important bit.
It stands for Hyper Text Transfer Protocol Secure and is the protocol over which data is sent between your browser and the website that you are connected to.
The 'S' on the end means that communication between your browser and the website is encrypted before it travels online.
Web browsers such as Internet Explorer, Firefox and Chrome display a padlock icon in the address bar in front of the web address to indicate that an HTTPS connection is in effect.
Alternatively, websites like the ABC and the BOM site rely on HTTP which doesn't scramble the data passing between you and the site.
WHY ARE THESE WARNINGS COMING NOW?
Nothing about the way these websites work has changed but from today Google's new Chrome web browser is listing all unencrypted sites as explicitly "not secure" in front of the web address. The change is part of the tech giant's release of Chrome 68.
Google first began warning people about sites that use HTTP in early 2017 by displaying the "not secure" warning for sites that collected passwords and credit card information. The company has also subtlety favoured HTTPS-enabled sites in its search results since 2014.
Despite the push for greater encryption on the web, Mr Hunt and his colleague wanted to compile a list of major websites that still didn't use HTTPS.
"After all the advanced warnings combined with all we know to be bad about serving even static sites over HTTP, what sort of sites are left that are neglecting such a fundamental security and privacy basic?" he wrote in his latest blog post.
Many other, less visited sites, including the Government's Australian Bureau of Statistics website also rely on HTTP.
About 20 per cent of the world's 500 most popular websites are still using the non-secure protocol.
If you're not entering any password or sharing personal data on these websites, then you don't really need to worry too much as the risk that your security could be compromised is fairly minuscule.
But because the data carried between your device and the web server can be accessed by someone else on the network, theoretically cyber-criminals can work to intercept that information and devise ways to steal useful data or insert their own code or malicious adverts.