April 5, 2011

Protecting users from malicious downloads



For the past five years Google has been offering protection to users against websites that attempt to distribute malware via drive-by downloads — that is, infections that harm users’ computers when they simply visit a vulnerable site. The data produced by our systems and published via the Safe Browsing API is used by Google search and browsers such as Google Chrome, Firefox, and Safari to warn users who may attempt to visit these dangerous webpages.

Safe Browsing has done a lot of good for the web, yet the Internet remains rife with deceptive and harmful content. It’s easy to find sites hosting free downloads that promise one thing but actually behave quite differently. These downloads may even perform actions without the user’s consent, such as displaying spam ads, performing click fraud, or stealing other users’ passwords. Such sites usually don’t attempt to exploit vulnerabilities on the user’s computer system. Instead, they use social engineering to entice users to download and run the malicious content.

Today we’re pleased to announce a new feature that aims to protect users against these kinds of downloads, starting with malicious Windows executables. The new feature will be integrated with Google Chrome and will display a warning if a user attempts to download a suspected malicious executable file:

Download warning


This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API. The new feature follows the same privacy policy currently in use by the Safe Browsing feature. For example, this feature does not enable Google to determine the URLs you are visiting.

We’re starting with a small-scale experimental phase for a subset of our users who subscribe to the Chrome development release channel, and we hope to make this feature available to all users in the next stable release of Google Chrome. We hope that the feature will improve our users’ online experience and help make the Internet a safer place.

For webmasters, you can continue to use the same interface provided by Google Webmaster Tools to learn about malware issues with your sites. These tools include binaries that have been identified by this new feature, and the same review process will apply.

6 comments:

  1. This is a great feature! - All we need now is an easy solution to get all the IE, Firefox and Opera users out there to install Chrome!...

    ReplyDelete
  2. I am all for a safe internet. I wonder just how this might be used in a bad way? Who (I know Google but WHO @ the Google Organization will manage this kind of stuff. It might take a person to do this. An algorithmic might take care of it.

    Windows users always have a bad time with these downloads. And the real issues are that even if the files are safe, Virus Free, They may still be Malicious in nature.

    ReplyDelete
  3. I think this is a great idea ; to navigate the Web safely has been a recurrent dream for me .

    ReplyDelete
  4. Will this ever be implemented on the Mac (Safari) or on the Mac version of Google Chrome. This is an excellent idea that should be available to all users in order to be most effective!

    ReplyDelete
  5. Instead of having a locally installed security software, this is a new way of Cloud based security and Google wants everything in the Cloud. And this strategy really work. If everyone start using Google Chrome, it will be a other way of using security suits.

    ReplyDelete
  6. da eta prosta bred kakoy ta ya xachu ustanovit savfrom.net a moy googl ego blakiruyet da mne ni nujna vasha sistema bezopasnosti dayte mne delat s maim kompyuterom to shto ya xachu

    ReplyDelete

You are welcome to contribute comments, but they should be relevant to the conversation. We reserve the right to remove off-topic remarks in the interest of keeping the conversation focused and engaging. Shameless self-promotion is well, shameless, and will get canned.

Note: Only a member of this blog may post a comment.