Sophos Cloud Optix
The days of having your homepage switched or suddenly discovering a mysterious toolbar in your browser may be set to come to an end soon.
Yesterday, Google announced it will be expanding its Safe Browsing service to include warnings about deceptive software.
From next week, Chrome will display a message whenever a piece of software attempts to do anything sneaky or unexpected with your browser or computer.
Moheeb Abu Rajab, a staff engineer for Google Security, said in a blog post:
Starting next week, we'll be expanding Safe Browsing protection against additional kinds of deceptive software: programs disguised as a helpful download that actually make unexpected changes to your computer - for instance, switching your homepage or other browser settings to ones you don’t want.
The protection mechanism will show a message that looks much like the existing warnings which appear for other types of malware:
pua.exe may harm your browsing experience, so Chrome has blocked it.
People who may actually wish to take advantage of some of these tools will still be able to proceed despite the warning by accessing the software from their Downloads list.
Mozilla, the team behind Firefox, has already declared an interest in the new technology with a spokesman telling The Register:
We are happy to see that Google is continuing to improve its detection of potentially unwanted software, especially since Firefox relies on Google Safe Browsing to block malicious downloads. We are investigating implementing this new extension, especially if it reduces unofficial rebundled software that targets Firefox and other well-known publishers through Google search ads.
Google introduced the Safe Browsing service several years ago in an effort to warn users about known or potentially suspect content across the web.
As Rajab says:
You should be able to use the web safely, without fear that malware could take control of your computer, or that you could be tricked into giving up personal information in a phishing scam.
That's why we've invested so much in tools that protect you online. Our Safe Browsing service protects you from malicious websites and warns you about malicious downloads in Chrome.
Image of warning sign courtesy of Shutterstock.
Yeah, I hate those places that try to get you to install software you don’t want, like when I want to update my Adobe Flash Player, it tries to hijack my browsing experience by attempting to download something called Chro . . . Oh.
Is it bad that I first read “deceptive software warnings” as “software warnings that are deceptive” instead of “warnings about deceptive software”?
No 🙂
I did, too. I think because there’s a line break between software and warnings.
How about using (in the title) “deceptive-software warnings”?
You are not alone.
I’m happy to see this from Google, but confused about the “Dismiss” button. Does clicking on it mean thanks for the warning and preventing execution, or never mind I want pua.exe?
I can’t recall ever seeing a Dismiss button before.
Exactly! Had the very same thing yesterday. Do I dismiss the warning or the file?
At Last! Someone doing something about ‘foistware’ that we, Jo Public, have been complaining about for many years.
Hope it works properly.
Is “0” yes or is “10” yes?
The question is “how likely are you,” so 0 = zero likelihood and therefore 10 = yes 🙂
This is NOT good stuff. What about when you want to download a program?! Chrome blocks it and I have to search the internet to figure out how to disable their ridiculous attempt at saving us from ourselves. What happened to warning us and asking if we are sure? Give me a break. This is absurd.
I noted that Chrome is blocking non-malicious software now. Back to IE I guess.
What about all the false positives?
You see the box telling you that google just saved your a*s. When in fact a lot of the software is not malware at all. It’s just small, less common programs from small providers.
It’s not a human at google that inspects each site and download. It’s just a machine and the machine is taking a ‘better safe than sorry’ approach and blocking a LOT of non-malware.
Symantec/Norton have a quick way of reporting and re-evaluating false positives. Even small providers get re-evaluated within 24 hours. But google does not. They simply don’t care.