Level 56
Content Creator
Malware Hunter
Google plans to block all insecure downloads in coming versions of the company's Google Chrome browser. Insecure downloads, according to Google, are downloads that originate from HTTPS websites that are not served via HTTPS. The decision won't affect sites that are still accessed via HTTP.

The change is the next step in Google's plan to block "all insecure subresources on secure pages" which it announced last year. Back then, Google declared that mixed content, another term for insecure content on secure websites, "threatens the privacy and security of users" as attackers could modify the insecure content, e.g. by tampering with a mixed image of a stock chart to mislead investors" or injecting "a tracking cookie into a mixed resource load".
Insecurely-downloaded files are a risk to users' security and privacy. For instance, insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users' insecurely-downloaded bank statements. To address these risks, we plan to eventually remove support for insecure downloads in Chrome.
Read more below: