Google To Kill URLs?

Dynadot
May 21, 2014

How would you feel if you visited a webpage and you no longer saw the path to how you got there? Well, soon that may be the reality for all websites you visit if you have the latest version of Google Chrome. Google is currently experimenting hiding long URLs of websites from the address bar in the newest version of Google Chrome called Canary. This new feature is dubbed by Google as "Origin Chip".

When enabling Origin Chip, users will no longer see the long letters, characters, hyphens, and slashes in the address bar. Instead, they will only see the domain of the website. For example, the following link: "http://www.dynadot.com/go/news?4q658D8x6b8V6x7o7ls9H8Xo9MF38d8Q9Gp6w8k6D…" would appear simply as "Dynadot.com". This new features gives more attention to your domain name and makes the address bar appear uncluttered and more authentic, just like the mobile version of Safari. Many feel this is Google's big move to slowly kill the URL.

So what's the big deal?


Hackers can take advantage of this feature for phishing attacks. According to the web security firm, PhishMe, "If a URL is long enough (more than 98 characters), Google's Chrome Canary will not display any domain or URL at all, instead it will show an empty text box with the text 'Search Google or type URL'. This creates the perfect opportunity for attackers to carry out data-entry phishing attacks". All any attacker would have to do is create a URL longer than 98 characters to be undetected by Google Chrome and users would have no way of tracking where exactly the link goes to. Hiding the full URL makes it even more difficult to distinguish between a legitimate website and a phony website. A data-entry attack will send a link to users through email that lures them to a website which is disguised to look genuine and the email asks users to enter their data, such as logging into an online account. Many users fall victim to these types of attacks. One of the best ways to protect yourself from falling victim to data theft is by looking at the URL to make sure it's leading you to a legitimate website. Without the ability to evaluate the URL, even the savviest user can fall victim.

Google is still in the experiential stage of this feature and is still working out the kinks. Origin Chip is a feature that can be disabled if you don't like the idea of URLs being hidden. Although it is common to click and share URLs, it is becoming increasingly rare to type out a full URL in the address bar. When is the last time you typed out a full URL to get to a page? Many users just type the domain or do a web search to get to a website, which we recommend since search engines are your friend when it comes to finding the right website. It seems like Google has recognized the slow death of URLs and sees it as a prime chance to drive more search traffic. If you want to enable Origin Chip on your latest version of Chrome, type the following to enable this feature: "chrome://flags/#origin-chip-in-omnibox" in the address bar.

What do you think about the Origin Chip, is it the future of web browsing?

Post By: Justin Narayan, who doesn't remember the last time he typed in a full URL.

Comment
2 comments
ericlagergren
May 21, 2014 4:00pm
Isn't Mozilla doing this with the beta of Firefox?
1 Reply
teamdynadot
ericlagergren
May 21, 2014 4:35pm
Not that I know of. It seems like Google is leading the way right now. I did find that a Firefox user experienced hidden URLs on accident though. It had something to do with a problem in his custom theme.