Could Chrome’s new feature spell a security disaster?

  • 0
  • May 20, 2011
Felicity Crouch

Felicity Crouch

Marketing Manager

Google has introduced a new feature in Chrome CanaryAn early-stage version of Google Chrome’s Canary build includes the ability to hide the URL bar, providing an extra 30 pixels of room to browse, but consequently leaving the user vulnerable to phishing attacks.

Luckily, it’s not a default feature so users have the option between keeping the URL bar, and removing it. But how important is the URL bar to users? And would they really notice if it was gone?

These questions have web professionals divided; with some believing it’s an essential component of navigation and user trust; and some seeing it as an enhancement for those using netbooks and laptops with smaller screens.

So how does it work?

As mentioned previously, this feature is optional; so if you do decide to hide your URL bar, you enter ‘about:flags’ in the URL bar, enable ‘Compact Navigation’, then re-launch the browser, and right-click any tab to find the option ‘Hide the toolbar’.

Your URL bar will then disappear, along with any extension, and the tool menu will move to the top left of the screen, with new ‘back’ and ‘forward’ buttons. It should look something like this:

Chrome's option to hide the URL bar

What’s the URL bar good for?

Typically, the URL bar tells the user where they are within a site, and has become an integral part of usability. URL’s that have nothing to do with what the page contains are misleading and will often trigger suspicion and distrust amongst users.

URL’s will also have a good click-through rate if they’re clear and obvious; users like to know where they’re being directed to and understand what the page is about before entering it.

Unless the link displayed in an email or on a web page shows the full URL, users won’t know where they are until they’ve clicked it. But with Chrome’s new feature, users still won’t know where they are as the URL won’t appear, so this could pose a big obstruction in the quest for a good user experience.

What does this mean for web security?

This new feature obviously poses some security risks, as it makes the threat of phishing much more probable. By hiding the visibility of the domain and SSL status of the current site, users can’t see where their clicks are being redirected to, and any personal or sensitive information they input could be at risk.

Who will this benefit?

The decision to make this an optional feature was certainly a good choice, as those more web savvy and security-conscious can stay in-the-know, whereas those wanting to embrace a larger browsing screen perhaps on their netbooks or tablets, can extend the space.

If the feature does make it onto Chrome 13, I think many will flick between the options, perhaps only hiding the URL bar on trusted sites they use daily. Providing users stay vigilant to unknown sites, I think this will turn out to be a beneficial browsing option for those using small screens, and put Google Chrome one step ahead of its competitors.

Free of charge. Unsubscribe anytime.