Members of the Chrome Security team in September, 2018 had out forth a proposal of killing the URLs which might be familiar to many people. The researchers are not actually advocating a change to the underlying infrastructure of the web. However, they are focusing on reworking on how the browsers convey what website they are looking at so that they don’t have to content with the increasingly long and unintelligible URLs. It will also help to escape the fraud that has sprung up around them.
Emily Stark, the Chrome usable security lead at a talk at the Bay Area Enigma security conference on January 29, 2019 talked about the controversy and detailed about the Google’s first step towards a more robust website identity. It was clarified by Emily that the search engine does not intend to induce chaos by eliminating the URLs but wants to make it harder for the hackers to capitalize on user confusion about the identity of a website. At present the endless haze of the complicated URLs gives a chance to the hackers a cover for effective scams.
They have the ability to create a malicious link that seems to lead to a legitimate site but it actually automatically redirects victims to a phishing page. They can also design malicious pages with URLs that look similar to that of the real one with a hope that the victims will not notice and they are G00gle instead of Google. As there are so many hurdles at the URL phase, the Chrome team is already working on two of the projects aimed at bringing users some clarity.
Stark said, “What we’re really talking about is changing the way site identity is presented. People should know easily what site they’re on, and they shouldn’t be confused into thinking they’re on another site. It shouldn’t take advanced knowledge of how the internet works to figure that out.” The efforts of the Chrome team so far is focusing on how to detect URLs that seem to deviate in some way from standard practice.
Photo Credits: Gadg