Microsoft Ports Edge Anti-Phishing Technology To Google Chrome (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

Microsoft Ports Edge Anti-Phishing Technology To Google Chrome (bleepingcomputer.com)

Posted by msmash on Wednesday April 18, 2018 @09:25AM from the help-a-friend-out dept.

An anonymous reader writes: Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's -- and inherently Edge's -- anti-phishing technology to Google Chrome. The extension works by showing bright red-colored pages whenever users are tricked into accessing malicious links. The warnings are eerily similar to the ones that Chrome natively shows via the Safe Browsing API, but are powered by Microsoft's database of malicious links —also known as the SmartScreen API.

Chrome users should be genuinely happy that they can now use both APIs for detecting phishing and malware-hosting URLs. The SmartScreen API isn't as known as Google's more famous Safe Browsing API, but works in the same way, and possibly even better. An NSS Labs benchmark revealed that Edge (with its SmartScreen API) caught 99 percent of all phishing URLs thrown at it during a test last year, while Chrome only detected 87 percent of the malicious links users accessed.

19 of 75 comments (clear)

Min score:

Reason:

Sort:

Re:I know why they picked bright red by gravewax · 2018-04-18 09:30 · Score: 1

bright red is the traditional colour for danger and stop.
Windows Defender for macOS? by bitchtits · 2018-04-18 09:31 · Score: 1

Is there any point in installing this extension on a mac?
1. Re:Windows Defender for macOS? by 93+Escort+Wagon · 2018-04-18 09:39 · Score: 1
  
  If you don't feel as if the Meltdown patches slowed your Mac down enough, this provides you with an additional tool.
  
  --
  #DeleteChrome
2. Re:Windows Defender for macOS? by mcl630 · 2018-04-18 09:45 · Score: 2
  
  What does your choice of OS have to do with phishing links?
Does it track me? by skoskav · 2018-04-18 09:43 · Score: 2

Though I commend their effort to improve Chrome's phishing protection, this may also be used to track users' browsing habits and show better "interest-based ads," as vaguely hinted at in the extension's privacy policy.
Thanks but no thanks.
Comment removed by account_deleted · 2018-04-18 09:54 · Score: 1

Comment removed based on user account deletion
Re:I know why they picked bright red by DontBeAMoran · 2018-04-18 10:05 · Score: 1

For Andorians, blue means danger.

--
#DeleteFacebook
This is just a portal, not a port. by IHTFISP · 2018-04-18 10:10 · Score: 2

Calling this a “port” of Windows Defender's “anti-phishing technology” is an extreme exaggeration, I suspect. Weighing in at only 295KiB total, this Chrome extension is apparently little more than a keyhole portal interface from the Chrome browser to the underling Windows Defender installed on your system platform.
So for those not running Chrome atop Windoze (like on Linux or MacOS or such), I suspect this Chrome Extension is merely a 295KiB no-op / placebo / bloatware.
I imagine the author of the Bleeping Computer® article (Catalin Cimpanu) may have been spoon-fed some verbiage from Microsoft in an undisclosed, backchannel press release of some sort. Sadly, this makes him look a bit like a breathless, sycophantic shill for The Big Blue Borg. *smirk*
I challenge anyone installing this extension on a non-Windows platform to demonstrate even a single URL that:

a) Windows Defender blocks on a Windoze box, but which...
b) Chrome's native built-in malware prevention tool (once enabled) does not catch on a non-Windoze box, but that...
c) Chrome on a non-Windoze box w/ this “Windows Defender Browser Protection” extension enabled does catch.
I venture that such an instance does not exist, unless this extension somehow leverages Microsoft's database of hinky URLs w/o using a locally underlying Windows Defender installation. In that case, I conjecture it could only do so by phoning home to Microsoft to check the URL against a remote on-line database... but that would then raise a massive privacy tsunami about remotely communicating what URLs you're visiting to some dark-site server somewhere in Redmond, WA. If so, let the tin-foil hat parade commence.
Or am I just being overly skeptical?

--
Error: NSE - No Signature Error
1. Re:This is just a portal, not a port. by tlhIngan · 2018-04-18 10:30 · Score: 1
  
  In that case, I conjecture it could only do so by phoning home to Microsoft to check the URL against a remote on-line database... but that would then raise a massive privacy tsunami about remotely communicating what URLs you're visiting to some dark-site server somewhere in Redmond, WA. If so, let the tin-foil hat parade commence.
  
  Youi realize that Google's anti-phishing thing works exactly the same way too? Except instead of Seattle, WA, it consults Mountain View, CA?
  Ostensibly, Google actually has more information, since basically all the major browsers (Chrome, Firefox and Safari) all use Google's API, whereas now, Microsoft only got Edge and now optionally Chrome.
2. Re:This is just a portal, not a port. by IHTFISP · 2018-04-20 05:05 · Score: 1
  
  You realize that Google's anti-phishing thing works exactly the same way too? Except instead of Seattle, WA, it consults Mountain View, CA?
  Perhaps. Perhaps not.
  Unless I'm mistaken, both are proprietary services, the underlying software & algorithms of which are likely trade secrets.
  Can anyone recommend good whitepaper summaries of both/either? (I'll conduct an on-line search in my copious spare time, but an expert recommendation may save me some trouble.)
  BTW, I never meant to imply that the tin-foil hat brigade is rational: just reactionary. Color them “triggered”. ;-)
  
  Ostensibly, Google actually has more information, since basically all the major browsers (Chrome, Firefox and Safari) all use Google's API, whereas now, Microsoft only got Edge and now optionally Chrome.
  True.
  Moreover, for those of us sucka chumps who set our local DNS servers to Google DNS ("8.8.8.8" & "8.8.4.4"), Google likely has a complete meta-data dossier on everything we do on the InterWebz anyway, complete with URL, timestamp, IP address, geo-location, browser signature, A1C, etc.
  —–
  Ref: https://developers.google.com/...
  Ref: https://en.wikipedia.org/wiki/... Ref: https://en.wikipedia.org/wiki/...
  Perhaps now is the time to finally switch to OpenDNS ("208.67.222.222", "208.67.220.220", "208.67.222.220" & "208.67.220.222").
  —–
  Ref: https://en.wikipedia.org/wiki/...
  Or maybe even Cloudflare's spiffy new “privacy-first” DNS resolvers ("1.1.1.1" and "1.0.0.1").
  —–
  Ref: https://en.wikipedia.org/wiki/...
  
  --
  Error: NSE - No Signature Error
3. Re: This is just a portal, not a port. by IHTFISP · 2018-04-20 05:26 · Score: 1
  
  Starbucks, which (as every good conspiracy theorist knows) is merely a front for the NSA domestic surveillance complex.
  Why else do you think they charge so much for cheap, plentiful coffee beans? It's to fund their nefarious, clandestine InterWebz hoovering, universal phone sweeping, bogus cell phone tower intercepts, public-space closed circuit camera dragnets, traffic camera espionage networks, GPS & spy satellite deployments, and so on. Even their free WiFi inside Starbucks lounges are nothing more than drop points for field agents.
  Git yourselph a bike helmet wrapped in tin foil w/ rabbit ear antennae and get woke, bro.
  “Big Brother is real. Big Brother is here. Big Brother is Starbucks.”
  Heh heh. ;-)
  
  --
  Error: NSE - No Signature Error
Chrome users should be genuinely happy by tomxor · 2018-04-18 10:17 · Score: 3, Insightful

Chrome users should be genuinely happy that they can now use both
LMFAO, so preemptively defensive.

An NSS Labs benchmark revealed that Edge (with its SmartScreen API) caught 99 percent of all phishing URLs thrown at it during a test last year, while Chrome only detected 87 percent of the malicious links users accessed.
You will have to forgive me if I consider this a worthless statistic... you know microsoft have a history if "beating everyone else" in their own hand crafted benchmarks only to be utter shit in reality (especially when talking about browsers).
1. Re:Chrome users should be genuinely happy by jrumney · 2018-04-18 17:25 · Score: 1
  
  It might be a more useful statistic if it was coupled with the rate of false positives. Usually these things are a tradeoff, and the sweet spot is more often in the 80%-90% range than at 99%.
2. Re:Chrome users should be genuinely happy by Anonymous Coward · 2018-04-18 19:58 · Score: 1
  
  Are not phishing URLS and Malicious Links the exact same thing?
  No, they're not, and that's an interesting way that allows results to be misrepresented. Suppose both Edge and Chrome are tested on a set of malicious web pages, and suppose the results are 100% identical. (Unlikely, I know, but just suppose.) The malicious web pages may include phishing pages, pages which exploit browser bugs to silently install malware, and other kinds, so the claim that Edge catches 99% of phishing URLs and Chrome detects 87% of malicious links can still be true! It would be equally true in that case that Chrome catches 99% of phishing URLs and Edge detects 87% of malicious links, so it could be presented to favour whichever browser the reporter prefers.
The biggest problem with this offering from MS by nimbius · 2018-04-18 11:22 · Score: 1

The SmartScreen API isn't as known as Google's more famous Safe Browsing API
This. Microsoft is extending something to chrome that chrome arguably never needed. its appearance and function is completely foreign to most chrome users. At best, this is another clumsy Microsoft attempt to speed past the ballmer dynasty similar to their Linux subsystem for Windows. At worst, this is Microsoft pissing in Googles Cheerios and pushing browser war brinkmanship.

--
Good people go to bed earlier.
1. Re:The biggest problem with this offering from MS by thegarbz · 2018-04-18 22:37 · Score: 1, Insightful
  
  As usual someone has completely missed the point while frothing at the mouth against the headline.
  This has NOTHING to do with Chrome. This has everything to do with Symantec, McAfee, and others, and is MS trying to prove their Windows Defender product is better than the alternatives and more feature rich.
  And to be honest I struggle to disagree. I think in terms of the overall package (security and performance) users should pick:
  1. Windows Defender
  2. Absolutely no Antivirus
  3. No internet connection or USB ports.
  4. Setting their computers on fire.
  5. Installing Avast.
  That's it. I find using Symantec or one of the others a cure worse than the disease.
Re:Data suckage++ by MachineShedFred · 2018-04-18 13:38 · Score: 4, Insightful

Really. How does Windows telemetry get my data when I'm running Ubuntu?
Yeah, that's the point of making a Chrome extension - to penetrate the non-Windows market for data harvesting. Just waiting for someone to scope the packets that get phoned home to Microsoft when this is installed.

--
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Re:Has Microsoft ever done anything right? by SeriousTube · 2018-04-18 14:45 · Score: 1

Libre office rock solid? Umm no. It doesn't crash but it does all sorts of unexpected and incorrect things if you try to do anything complicated.
Malicious links? by Anonymous Coward · 2018-04-18 23:43 · Score: 1

The extension works by showing bright red-colored pages whenever users are tricked into accessing malicious links
Happens all the time for me. Google some Excel problem, find a link that sounds like the right thing, and even points to a microsoft.com domain...
Click it, and end up with an ad for Surface, Windows 10 or Edge.
But I really don't think the add-on would catch even a single one of them.