Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Chrome Is Getting Automatic Blocking of Malicious Downloads

Posted by timothy on from the whose-opinion-of-the-malware-though dept.

An anonymous reader writes "Google today announced Chrome is getting an automatic download blocking feature for malware. Google has already added the new functionality to the latest build of Chrome Canary. All versions of Chrome will soon automatically block downloads and let you know in a message at the bottom of your screen. You will be able to "Dismiss" the message, although it's not clear if you will be able to stop or revert the block."

20 of 138 comments (clear)

  1. Nanny state crap by barlevg · · Score: 4, Funny

    I shouldn't have to install IE if I want to set up a little virtual ecosystem.

    1. Re:Nanny state crap by Jeremiah+Cornelius · · Score: 3, Insightful

      Well. There goes your downloads of TOR and Transmission... What's blocked next?

      Maybe XBMC. Those plugins are GATT and SOPA problems just waiting to happen.

      If people want to cut the cable? Just wait for Google to "steal" the XBMC source for GoogTV, like they raped Linux for Android.

      The moral of this speculative fable? Google should be making software, not policy decisions.

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
  2. Bah... by Lumpy · · Score: 3, Insightful

    Yet they wont let me disable the god forsaken auto complete in the address bar. I completely ditched Chrome because of that damned evil annoyance.

    --
    Do not look at laser with remaining good eye.
    1. Re:Bah... by zidium · · Score: 3, Interesting

      You should use Srware Iron, a Chromium fork. It removes a LOT of the nastiness and annoyances from Chrome. I've been using it as my standard for years and ditched chrome completely since v29's fucked up New Tab Page.

      --
      Slashdot Valentines Beta Massacre: iT WORKED! The boycotts killed Beta!!
    2. Re:Bah... by Anonymous Coward · · Score: 5, Informative

      If you go to Chrome's settings and search for Privacy, you can uncheck "Use a prediction service to help complete searches and URLs typed in the address bar" to turn off this behavior. Then it will only autocomplete things from your browser history and bookmarks.

    3. Re:Bah... by jeffmflanagan · · Score: 3, Insightful

      >nobody sane would want to turn that off

      They're approximately correct with that. Autocomplete is a huge help, and only a problem for people in bad situations where they need to hide what URLs they access or their search strings. If someone is going to give you trouble over your auto-complete, get that person out of your life.

    4. Re:Bah... by Anonymous Coward · · Score: 3, Insightful

      If it's sensitive, why the fuck are you even saving those URLs? Did you know that all major browsers have implemented private mode for this purpose since a long time ago?

    5. Re:Bah... by lgw · · Score: 4, Insightful

      Sure, that's one workaround. He found an easier workaround - switch to a less arrogant browser.

      --
      Socialism: a lie told by totalitarians and believed by fools.
  3. Not sure how this is different by The+MAZZTer · · Score: 3, Insightful

    Chrome already blocks malicious downloads. Not sure how this is new. Maybe it's a more advanced version of the existing feature.

    The existing feature already looks like the current screenshot, except the text might be different. And yes, you can allow downloads using the drop down on the right.

    Possibly this is integration of anti-virus hooks? I think the existing version might just use a Google list of known safe and dangerous downloads.

    1. Re:Not sure how this is different by Deathlizard · · Score: 4, Interesting

      If its what I think they're going to do (reputation detaction Ala IE9) it won't help much. See my sig if you want to go more in depth as to why.

      Besides, The biggest Threats are the following

      1) Malicious Forked Open Source Software
      2) Installers with Bundled Adware

      for #1: look at VLC. there's so many malicious forks of this I can't even count them. Many times they're just Renames, but other times they have more adware and spyware Embeeded in them than I can count. Hell One I found Shows ads before you watch any video.

      Another example is "Fast Browser" which is a chromium browser fork with spyware baked in. it looks exactly like chrome and the only difference I can tell is the Icon (which rips off the chrome Icon, only Square) and the name in the about box.

      for #2. Lets do a search for VLC and highlight any download site that's not from videolan.org or sourceforge (although I should count sourceforge. they're doing this too now) (obfuscated to avoid clicking)

      VLCapp,com
      vlcmediaplayer,org
      Softonic,com
      4soft,org
      softwareinstall,com
      soft82,com
      softdls,com
      download-pc,com
      download366,com
      os-downloads,com ..and these are just the results from 1st page direct searches or ads from bing and google alone.

      I can all but guarantee that downloading anything from the above sites will get you some Potentially unwanted program or virus. I just wish that someone would make an Adblock plus list like the malware domain list for fake downloading sites.

      Now I know that it sounds like I'm Picking on VLC here, but it's just one of the more hijacked examples. You can do this with just about any popular Program. Firefox, Chrome, 7zip, Openoffice, Minecraft, even IE10 and Windows Media Player have software wrappers.

      Hell. Even the Microsoft Store in WIndows 8 isn't safe. Do a search for VLC there and the first or second hit is a link to getdesktopapp,com which piles on the junkware. when you look at the app's Publisher. he's doing the same thing with peazip, 7zip UMPlayer and openoffice.

      If Chrome does something about these software wrappers then were talking, otherwise it's nothing new from what they were doing before or what IE's been doing for years, and that hasn't stopped anything either.

      --
      In Soviet Russia, Trojan exploits YOU!
  4. Great news! by sootman · · Score: 5, Insightful

    Now, can you let me choose for myself which filetypes are safe or not? For my job, I have to download many PDFs (up to 100 at a time) and Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer. Do you want to keep <filename> anyway?"

    LISTEN IDIOT: These PDFs come from a trusted source. Yes, I have to download them. No, I don't want to view them in the browser right this second. Also, I'm on a Mac, and also also, I don't use Acrobat, and also also also, this is my work machine, and IF anything would happen to it, I'd let I.T. blow it away and re-image it if needed. LET ME DOWNLOAD THE GODDAMN FILE. Every few months I search to see if there's a way to disable this, and so far I've come up empty.

    Needless to say, I don't use Chrome for this part of my job.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
    1. Re:Great news! by Anonymous Coward · · Score: 3, Funny

      You should go fork yourself.

    2. Re:Great news! by Gravis+Zero · · Score: 5, Informative

      Now, can you let me choose for myself which filetypes are safe or not? For my job, I have to download many PDFs (up to 100 at a time) and Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer.

      this will remove the down warning for all file types.

      on OSX, open /Users/yourusername/Library/Preferences/com.google.Chrome.plist and replace the "download" section with this


            "download": {
                "directory_upgrade": true,
                "prompt_for_download": false
            },

      found it in 2 minutes. my google fu is strong.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:Great news! by oreiasecaman · · Score: 3, Informative

      $ wget -i url_list.txt

      --
      This is a UDP joke, I don't care if you get it or not...
  5. How long until "malicious" defined as ... by RLiegh · · Score: 3, Interesting

    ...software contrary to corporate (RIAA/BSA) interests?

    1. Re:How long until "malicious" defined as ... by peter.kingsbury · · Score: 3, Insightful

      ...software contrary to security (NSA) interests?

      This is 2013. Fixed that for ya.

    2. Re:How long until "malicious" defined as ... by novakreo · · Score: 3, Interesting

      I've already had Chrome tell me that youtube-dl was potentially malicious the first time I downloaded it several months ago. Hasn't happened since, but the potential to abuse this feature is definitely there.

      --
      O frabjous day! Callooh! Callay!
  6. Microsoft tried this before by tepples · · Score: 4, Insightful

    Microsoft has tried something similar. Each distinct executable has to build up a reputation over some long period before IE SmartScreen stops flagging it as "not commonly downloaded". The only way to make an executable build up reputation faster is to apply for an Authenticode software publisher certificate from a commercial CA ($$$) and keep it renewed ($$$ per year), which lets good reputation spill over from other executables from the same publisher that have earned good reputation. This especially messes with the release early, release often mentality of amateur free software developers who might not be willing to form an LLC and buy and maintain an Authenticode certificate.

    1. Re:Microsoft tried this before by Riddler+Sensei · · Score: 4, Insightful

      God, that sounds like extortion.

      "It'd be a shame if we told the user that your software might maybe sorta kinda be malware."

  7. let me add this by slashmydots · · Score: 5, Funny

    Chrome usage has been falling by approx 0.25% market share per month for the last year or so. It's like they're just trying to accelerate it now. Plus, I'm 99% sure this is an exact clone of a feature included with IE7. The IE10 version is even more popular with it's 5 or so clicks to finally get to the "I don't give a fuck if you haven't heard of this download, it's from fucking Sourceforge, don't delete it and let me run the damn thing. Yes I know it's a fucking MSI file" button. REAL popular feature.