Slashdot Mirror


Google Targets Fake "Download" and "Play" Buttons (torrentfreak.com)

AmiMoJo writes: Google says it will go to war against the fake 'download' and 'play' buttons that attempt to deceive users on file-sharing and other popular sites. According to a new announcement from the company titled 'No More Deceptive Download Buttons', Google says it will expand its eight-year-old Safe Browsing initiative to target some of the problems highlighted above. 'You may have encountered social engineering in a deceptive download button, or an image ad that falsely claims your system is out of date. Today, we're expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads,' the company says.

30 of 117 comments

  1. Re-purpose by SuperKendall · · Score: 4, Funny

    How would Google target them

    You know that 20% of free project time Google employees get? Yeah, now it's looking for download button images.

    It's not even like they lose anything as they only tell the Google workers that were surfing porn anyway to save off URLs as they browse.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  2. Verifying redirect addresses. by blueshift_1 · · Score: 2

    The biggest thing is to always look at the redirect address and see if it makes any sense. Usually the advertisements give themselves away. Though this doesn't really help the most naive of users. Who wants to waste time when they could be downloading sw33t haxz?

  3. Re:Great article by sims 2 · · Score: 2

    Right next to the title https://torrentfreak.com/googl...

    Hopefully they will go back to putting links in the summary shortly.

    --
    Minimum threshold fixed. Thanks!
  4. Re:Good by Anonymous Coward · · Score: 5, Insightful

    SOME!?
    More like nearly ALL!

    I've seen download sites for FOSS software have a lot of this crap. It gets confusing for me as an IT professional sometimes to figure out the legit download links, I can't imagine how normal computer users manage to navigate the hazardous waters long enough to actually get a legit non-virus-laden download. Then you have even legit downloads from massive companies filled with toolbars (like Adobe Reader and Flash).
    Like shark-infested water. Hopefully this move will do some good.

  5. Re:How would this work? by omnichad · · Score: 3, Informative

    When you visit a web site flagged by Safe Browsing (in Chrome), there's a full screen warning before allowing you to go to the site. They could probably replace the ad image with a similar warning that you have to click through in order to load the ad.

    But it looks like they're just flagging the whole page (see the article linked in the headline - hey, whipslash, we don't want this), letting the site owner take the damage to their reputation for allowing the ads.

  6. Re:A question by omnichad · · Score: 5, Funny

    You're right. We need cross-platform compatibility for malware. Who's with me?

  7. Download.com by Not-a-Neg · · Score: 4, Informative

    They can start with Cnet's Download.com, nothing but ad banners with identical looking green "download" buttons.

    --
    -==- Buy a Mac and leave me alone!
    1. Re:Download.com by Frosty Piss · · Score: 2

      Cnet's Download.com didn't start off that way. "Back in the day" it could be a great "go-to" for software downloads. But they have or are cutting their own throats, it's hard to imagine anyone downloading anything from these clowns today. Let alone actually read any of the "articles" they publish, I mean seriously, who reads that shit?

      --
      If you want news from today, you have to come back tomorrow.
    2. Re:Download.com by castionsosa · · Score: 3, Informative

      A while back, it was an excellent source for software... the closest thing Windows ever got to a repository. However when they started bundling foistware [1] with other people's downloads, they changed to yet another site that is not worth visiting.

      [1]: Software that adds browser add-ons and toolbars, then adds a loopback VPN and a trusted root CA into Firefox's keystore is not exactly trustworthy.

  8. Re:can they expand this to GWX malware? by omnichad · · Score: 2

    Microsoft already reboots my computer enough without my permission. I don't want Google doing it too.

  9. Re:Good by omnichad · · Score: 2

    IMGBurn. Not FOSS, but freeware. There are even ads on their site with the IMGBurn icon and a download button but they are for PC Mechanic.

  10. Re:How would this work? by Gojira Shipi-Taro · · Score: 3, Informative

    As well they should. Any site owner that tolerates these deceptive tactics, which are generally also malware vectors, deserves to have their reputations shredded.

    --
    "Oh my God. This is terrible. This is the end of my Presidency. I'm fucked." ~ Donald J. Trump
  11. Re:Good by ShaunC · · Score: 4, Interesting

    I agree. There are tons of fake download links on otherwise reputable sites, there are gray area sites like TPB where you have to be careful what you click, and there are tons of fake download sites where none of the links are legitimate at all. Try Googling for "[random device] driver" and you get many dozens of bullshit SEO'd sites where all the links point to some EXE full of who-knows-what. I hope they're going to combat all three categories.

    As an aside, I wonder if SourceForge will get penalized...

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  12. Re:A question by omnichad · · Score: 3, Interesting

    Microsoft could have worked on an alternative executable format that is safe and sandboxed

    You mean MSI / Windows Installer Service? That's about as good as you can hope for, but it does nothing for a user who is convinced they are downloading a program - and digital signatures aren't even shown to the user to match against the name of the software being installed. It only shows if there's not one or it's invalid.

    If the user thinks they're going to install software, they're going to give it admin permission to install necessary registry and file permissions. How do you sandbox that away without blocking a legitimate installer?

  13. Re:How would this work? by omnichad · · Score: 3, Interesting

    All you have to do is sign up for Google Adsense to end up on Google's blacklist. That's going to backfire real quick. They still have fake download buttons on Adsense.

  14. Force sites to do it themselves by goombah99 · · Score: 3, Interesting

    Sites want to get indexed by Google. If a site hosts ads that have bullshit deceptive practices Google can downrank them. Google doesn't have to be 100% effective. Even a crude system for spotting these is going to turn up hits if a site isn't blocking these kinds of advertisers. And so on. If a site doesn't do its own ads but instead hosts ads from an advertising aggregator and they do this bullshit then the site will drop them to stay in Google's good graces.

    And so all Google has to do is scan ads that show up in content providers and then punish them. So it's top down.

    They can also try to go bottoms up, and seek out companies that do these kinds of ads but that's going to be impossible to block unless they are actually hosting the page. However that's not completely nuts. Companies like Opera and Amazon who offer compression and caching of web pages in their browsers do have the capacity to edit the webpage to remove content from ad agencies they deem to be scum.

    Does Google do that for Android mobile? (I have no idea). But Apple is talking about ad blocking. And third parties like Adblock Plus have the capability to erase ads from nasty advertisers.

    Once these technologies start denting revenue and page views those ads will dry up by themselves.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  15. Analyze the image once, block it 10 million times by raymorris · · Score: 3, Interesting

    That same green "play button" image is displayed millions of times per day, linking to the same URL. They only need to check it once to discover that it's bogus. Then Chrome can block it for all Chrome users who see that image linked to that URL.

    That does involve communicating something about the block list between Chrome and Google's blacklist server. Hopefully they get that part right. The right way will probably involve communicating a strong hash of the two URLs rather than the URLs themselves.
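
An added sketch of the hashed lookup suggested in the comment above (not part of the original post and not Google's code): the client hashes the image URL and link URL together, reveals only a short prefix to the server, and compares full hashes locally. The class names, the 4-byte prefix length and the `.example` URLs are assumptions made for illustration.

```python
import hashlib

PREFIX_LEN = 4  # bytes of each hash the client reveals (assumed value)

def pair_hash(image_url: str, link_url: str) -> bytes:
    """SHA-256 over both URLs, each length-prefixed so that
    ("ab", "c") and ("a", "bc") cannot produce the same input."""
    h = hashlib.sha256()
    for part in (image_url, link_url):
        data = part.strip().encode("utf-8")
        h.update(len(data).to_bytes(4, "big"))
        h.update(data)
    return h.digest()

class BlocklistServer:
    """Hypothetical blacklist server: stores only hashes of flagged pairs."""
    def __init__(self, flagged_pairs):
        self.by_prefix = {}
        self.seen_queries = []  # everything the server learns from clients
        for image_url, link_url in flagged_pairs:
            digest = pair_hash(image_url, link_url)
            self.by_prefix.setdefault(digest[:PREFIX_LEN], set()).add(digest)

    def lookup(self, prefix: bytes) -> set:
        self.seen_queries.append(prefix)
        return set(self.by_prefix.get(prefix, ()))

class Client:
    """Hypothetical browser side: sends a short prefix, compares full hashes locally."""
    def __init__(self, server: BlocklistServer):
        self.server = server
        self.cache = {}  # prefix -> full hashes; one query serves later page views

    def is_blocked(self, image_url: str, link_url: str) -> bool:
        digest = pair_hash(image_url, link_url)
        prefix = digest[:PREFIX_LEN]
        if prefix not in self.cache:
            self.cache[prefix] = self.server.lookup(prefix)
        return digest in self.cache[prefix]

if __name__ == "__main__":
    # Constructed sample data; the .example hosts are placeholders.
    bad = ("https://ads.example/green-play.png", "https://dl.example/setup.exe")
    client = Client(BlocklistServer([bad]))
    print(client.is_blocked(*bad))                                     # flagged pair
    print(client.is_blocked(bad[0], "https://site.example/real.zip"))  # same image, other link
```

A full hash by itself does not hide a URL pair the server can guess and hash on its own; sending only the truncated prefix is what leaves the server unsure which of many possible pairs the client saw.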

  16. Re:Nope by freeze128 · · Score: 4, Interesting

    This is probably the reason why Google is doing this. They realize that more and more people are using ad blockers because of fake download buttons and malware serving ads. As an ad provider themselves, Google is doing this to help their bottom line. It will also help the bottom line of other advertisers, and also help to bring a little bit of trust back to the advertisers.

  17. Download Now by goombah99 · · Score: 3, Insightful

    |\
    |--\
    |----\ Click to start
    |----/ DOWNLOAD
    |--/
    |/

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:Download Now by thegarbz · · Score: 2

      Your link is broken.

  18. Google needs to look at itself!! by GSMacLean · · Score: 4, Interesting

    I run a site that offers downloads of files. I have advertising on that site. A large number of those ads, obviously context-sensitive, display fake "Download" buttons on them.

    Guess who is my ad provider? Google AdSense.

    Google, heal thyself.

  19. Re:Good by omnichad · · Score: 2

    To be aware of what the average user sees?

  20. Re:How would this work? by omnichad · · Score: 2

    it seriously wouldn't be hard to correlate images that have been flagged as saying download in them with redirection scripts and or links that don't originate from the server hosting the website.

    Oh great. For the next 3 years, every reCAPTCHA response will be "Download"

  21. Re:Hopefully that include fake FBI warnings by Coren22 · · Score: 2

    Such as the ones at the beginning of DVD/Blurays?

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  22. Re:Good by goombah99 · · Score: 2

    Adblockers don't stop this rubbish. yet

    --
    Some drink at the fountain of knowledge. Others just gargle.
  23. Re:Good by yuhong · · Score: 3, Informative

    SourceForge will likely be fixed, there was another Slashdot story on this.

  24. Re:Good by l0n3s0m3phr34k · · Score: 2

    Too true. Many sites have giant "DOWNLOAD" buttons that are just malware, then a small text link of the actual software.

  25. Re:Good by Dutch Gun · · Score: 2

    That's surprising. I just went there as a test with a browser that had no adblocker or script blocking installed, and sure enough, the site popped open a page telling me some critical software was out of date, trying to trick me into upgrading.

    Honestly, I think Google's a little scared by the advent of adblockers, which also tend to both implicitly and explicitly double as malware blockers. I see this as a move by them to make web browsing safer without having to resort to installing ad blockers. They can't exactly drop support for ad-blocker plugins, as they'd just hand their market share back to Firefox, but they can try to make them a bit less compelling to use.

    --
    Irony: Agile development has too much inertia to be abandoned now.
  26. How many years for google to notice scammers? by shanen · · Score: 2

    New subject question about how long, the answer is "The google don't care, just like the honey badger." Or you could reword it in terms of the google's new motto: "All your attention are belong to us."

    However, the post by OverlordQ that I'm responding to said:

    Some sites get ridiculous with that.

    No, it is NOT the websites or even the app, though there are things an app developer can do that can make it easier or harder for scammers to use that sort of misleading ad. The REAL problem is that the google don't care about scams or the victims thereof. The only concern of the google is MONEY. These days that is driving them to ever nastier exploitations of our private information, but it does NOT have to be that way.

    For example of a possible constructive solution:

    Add a "Business model" or "Financials" tab in Google Play. Let the developer explain how the money works, most often by selecting one of the more common options. Then the google would add a secure comment about the evidence.

    No, this would not eliminate all scams, but it would let us make better choices AGAINST the scammy business models. Again, details available upon polite request.

    Oh yeah and by the way, I've been trying to call the google's attention to these sorts of scams for some years, but it's just one of a LONG list of google-supported scams. With great power the google accepts NO responsibility.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  27. Re:Good by Big Hairy Ian · · Score: 2

    Can we get them to target fake Next and Previous buttons too?

    --
    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.