[tokenizerrr]

All of that is bad, none of it is a security issue. Privacy, sure. But not security. And the article specifically shows that Google is planning to mark example.org as insecure. Which it's not.

[ancarda]

But it quite literally is:

    insecure (adj.)
    (of a thing) not firm or fixed; liable to give way or break.
    not sufficiently protected; easily broken into.

A webpage loaded over HTTP is easy to tamper with. Let me give you an example of traffic over HTTP that is secure -- apt repositories; because you're only retrieving payloads protected by PGP, so the actual payload is firm, fixed, and not easily broken into.

How else do you define insecure? Have I misunderstood the definition?

[tokenizerrr]

I define insecure as a machine/user getting compromised. Malware, phishing and the like.

Anyway, your example is a good one as to why it's weird for Chrome to label these things as insecure.

[ancarda]

Insecure can't be used as a drop-in replacement for compromised though; Being insecure will get you compromised. One distinct thing might lead to another distinct thing

[MaxBarraclough]

> I define insecure as a machine/user getting compromised

So a bank using plaintext HTTP doesn't qualify an insecure?

[UncleMeat]

Integrity is one of the components of security.