back to article Google's URL-hiding 'origin chip' is 'backburnered'

Google has “backburnered” a controversial feature that would have hidden full details of web addresses from Chrome users. The feature was called “origin chip” and, as we explained a few weeks back it removed all the characters beyond the top-level-domain from Chrome's Omnibox, as you can see below. The ad-slinger's …

COMMENTS

This topic is closed for new posts.
  1. dan1980

    Why does it have to be burned?

    The best option would be to provide three levels for the user to select:

    1. Turn it off entirely.

    2. Turn it on.

    3. Hybrid mode where full URLs are displayed but the actual domain is highlighted somehow.

    I'd make 3 the default. Should that option be used, it would also be nice to allow a choice of how it is highlighted. It's not that hard to expose a variable to the user after all.

    1. Flocke Kroes Silver badge

      Another possibility:

      Something like

      http::uk.co.theregister.forums/forum/1/2014/06/11/googles_urlhiding_origin_chip_is_backburnered/

      It will never catch on because current fashion in user interface design is to remove every choice on the grounds that they confuse the users. By 2084, computers will show a continuous stream of targeted ads and have no controls at all - not even an off switch.

      1. Jamie Jones Silver badge
        Thumb Up

        Re: Another possibility:

        Ahhh, memories of the anguish when finally having to start quoting my domain backwards for email etc.

        My uk.ac.lut uk.ac.ed and uk.ac.cf addresses actually meant something..

        Eek. Just realised I've fallen into another concept no longer with us: short/long form domains.

        I should have written the above as:

        uk.ac.loughborough, uk.ac.edinburgh and uk.ac.cardiff

    2. mirobaka

      Re: Why does it have to be burned?

      Option 3 is exactly what Chrome currently does. The domain is displayed in dark black and the rest of the URL is displayed in slightly lighter gray.

      Ideally it should be a bit more noticeable, but I think the idea is that they are already doing what most people think is the best way of handling it.

  2. geejayoh

    Clarification needed.

    INAA at all, particularly with internet security, but this strikes me as a good idea.

    I've witnessed many many many spam emails that have links to address that included the original buried as a sub domain to a phishing site, such as hali.fa.x.co.uk.ggeafhd.ru which could easily fool those who don't know the top-down, right to left nature of domain resolution.

    if there is a link to google.com/this_is_a_phish page, surely that's a much much much more serious issue as the spammer / hacker has already found a way to insert code into a genuine site, something I thought was actually quite difficult to do.

    Please enlighten my ignorance.

    1. DaLo

      Re: Clarification needed.

      The example The Register used doesn't make sense, of course - not only for the reason you stated (they'd actually have to upload a page onto someone else's site and by that point your website and visitors would be fubared anyway and also the fact that they obviously wouldn't use an address of www.google.com/this_page_is_malware_planted_by_a_phisher they would use www.google.com/this_page_is_perfectly_safe (www.google.com/gofind for instance).

      The issue was more with subdomains as these were getting hidden so a service like blogger, geocities etc could have a link to sandras_blog.blogger.com but redirect them to geoffs_blog.blogger.com with Geoff being a naughty boy. The address bar would just show blogger.com.

      1. Badvok

        Re: Clarification needed.

        It is only the stuff to the right of the host name that is hidden, so in your examples sandras_blog.blogger.com would show as sandras_blog.blogger.com and geoffs_blog.blogger.com would show as geoffs_blog.blogger.com.

        And this site, for example, shows as forums.theregister.co.uk not just theregister.co.uk.

        I have it turned on and quite like it, I can always click on the box to get the full URL if I want to look at it. I really can't see why people have an issue with it.

        1. DaLo

          Re: Clarification needed.

          You're right the subdomain is only hidden for some sites now I hadn't used it for a while so I turned the setting back on to check. This is a change that they have made as it didn't do this originally. I'm not sure what the list consists of but the 'www' and "m" subdomain will still be hidden when you visit a site (slightly confusing if you happen to follow an m.site.com link as the display will not look correct but the URL will state site.com the same as if you had clickled www.site.com/).

  3. Sampler

    Good Idea, Poor Implementation?

    Why not keep the idea but also have the trailing URL, so it highlights the domain, showing users what the actual site is, but also shows everything else, for those interested. A bit like option 3 dan1980 has mentioned above

    1. 142
      Facepalm

      Re: Good Idea, Poor Implementation?

      This is such an obvious and ideal solution that it astounds me they haven't used it. I just can't see a single disadvantage.

      1. Terry Cloth
        Go

        You mean like this?

        In my version of Firefox (which identifies itself as 16.0.2), the address field is exactly

        http://forums.theregister.co.uk/post/reply/2212150
        Have they removed it from later versions? (And how did it decide that `forums' wasn't worthy?)

        (This is on a used Macbook running OS X 10.5.8, which won't run a newer FF. Don't worry, though, I just bought it, and will upgrade the OS shortly...it's a bit of a hassle.)

        1. Anonymous Coward
          Anonymous Coward

          @Terry Cloth - Re: You mean like this?

          Good point, and it is like that on the latest Firefox (30.0 on Win7 and 29.0 on Mint for me).

          So, +1 to Firefox.

      2. Blitterbug
        Meh

        Re: I just can't see a single disadvantage...

        @ Mr 142,

        Is that sarcasm? If so, perhaps it's a tad misplaced.

        I was recently emailed by a client who was phished by an Apple ID scammer whose link *looked* as if it was to apple.com, except it was actually to a uk car dealership when examined carefully. I emailed the car dealership to let 'em know their site's hosting crapware, but the point is this feature would simply have shown the car dealership main URL, revealing the scam in all it's glory.

        We have a huge problem here and most phishing redirects to a totally different domain, not a hijacked area of the genuine domain.

    2. DaLo

      Re: Good Idea, Poor Implementation?

      Chrome does do this already and has for a long time

      forums.theregister.co.uk/forum/1/2014/06/11/googles_urlhiding_origin_chip_is_backburnered/

      It isn't very obvious though due to the differences being quite subtle. However there was a lot more to the discussion than this which ran for pages and pages.

  4. Norman Hartnell

    "the origin chip work is backburnered"

    Verbing weirds language.

    1. Anonymous IV

      Re: "the origin chip work is backburnered"

      Hence the American expression, "Most every noun can be verbed."

  5. Suricou Raven

    As if it'll work.

    1. http://facebook.com:view.php@scummydomain.net/sucker.html.

    2. Homoglyph attacks in IDN remain an unresolved issue anyway.

    1. Suricou Raven

      Re: As if it'll work.

      On further thought, it would actually work for case 1. Still leaves the problem of 2. though. And case 1 only works by exploiting user ignorance.

  6. bigtimehustler

    So glad this is never going to happen, personally i like being able to go to a different page of a site i fully understand by just adding or taking away from the URL!!

  7. Robert Helpmann??
    Childcatcher

    High Crimes and Misdemeanors

    And add crimes against grammar to our list of gripes to direct towards Google.

    What? Like starting a sentence with a conjunction? Mea maxima culpa. Please have mercy.

    1. Anonymous Coward
      Anonymous Coward

      Re: High Crimes and Misdemeanors

      Put your copy of Usage and abusage away and get a grip.

      "What?" - that's not a full sentence.

      "Like starting"... - Where would you like me to start taking the piss?

      "Mea maxima culpa" - You had better be absolutely sure that your Latin is tip top. I think it means (err) let's see mea - me/mine, (hmm) maxima - greatest/maximum, culpa - fault. Now let's run back through and look for declension etc - (oooh) now maxima is part of the adjective "maximum", it's singular, culpa looks feminine, so it's nominative, vocative or ablative (I think). Nom n voc don't make sense so abl (by with or from). "By my greatest fault". Google it - "through my most grievous fault". Oh well not too bad, anyway - that doesn't make too much sense as you have used it.

      "Please have mercy" - No, bugger off!

      Cheers

      Jon

      PS I can't give you a better Latin phrase to use but it would probably start with ecce and involve most of the words you used but with different declensions and other half remembered stuff from school days. Stick to English.

      1. Robert Helpmann??
        Childcatcher

        Re: High Crimes and Misdemeanors

        Have an up-vote for completely missing the point of purposefully abusing grammar in a criticism of someone else's criticism of another's grammar. Good job! As for the Latin phrase I used, please have have a look at the popular usage of mea culpa, especially the part concerning it being an admission of guilt.

        All the best...

This topic is closed for new posts.

Other stories you might like