Google has started experimenting with a small but interesting upgrade to Chrome designed to make it harder for users to download malware without realising they are doing so.
In common with Mozilla Firefox, Chrome’s current defence against criminal websites is the Safe browsing API, which checks a URL against a list of blacklist of known bad sites. This warns users not to visit a specific website, but offers no protection against files downloads that can be initiated by such sites.
It’s also possible to imagine a compromised but legitimate site calling a download from a site that appears on the blacklist, a technique common with fake antivirus software. Currently, browsers allow such things to happen without displaying a warning.
The new tweak is to warn users when they are downloading a file associated with a blacklisted site. The feature has been available to Chrome’s development release channel subscribers for some time, but the company now wants to roll it out to all users.
On encountering a bad download the use will encounter the message; “This file appears to be malicious. Are you sure you want to continue?” with an option to ‘discard’ or ‘save’ the file. Chrome has no way of assessing the contents of the file simply that it is associated with a known bad site.
Chrome already has an extensive array of security features including a sandbox that isolates browser processes from data on the system and an integrated reader for Adobe PDFs that bypasses the latter’s own frequently-attacked software
As worthy as Google’s Chrome security upgrades seem, an odd dichotomy has grown up in the company’s technology between browsers and Internet search. Google and other search providers are often rightly criticised for leading users to bogus and manipulated links which then have to be defended against using browser security.
Search security has improved a lot in recent years but it is still far from perfect. Users commonly encounter malware after using search. Last summer, one security company even crowned Google the ‘king of malware’ for the length of time it took the company to filter out bad links.