Google adds executable file detection to Chrome
Google has introduced a new feature for its Chrome browser that will display a warning if a user attempts to download a suspected malicious executable file.
Google Security Team's Moheeb Abu Rajab said that while its safe browsing has done a lot of good for the web, the internet remains rife with deceptive and harmful content. He wrote on the company blog that a warning will now be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API. The Safe Browsing API is Google's online database of known phishing sites and malware infected web pages.
“We are starting with a small-scale experimental phase for a subset of our users who subscribe to the Chrome development release channel and we hope to make this feature available to all users in the next stable release of Google Chrome. We hope that the feature will improve our users' online experience and help make the internet a safer place.”
Chester Wisniewski, senior security advisor at Sophos Canada, said: “What Google is announcing is that starting with the developer builds of Google Chrome they will now check files you attempt to download against their API. This could be a very valuable technique for protecting users of Google Chrome against threats like rogue anti-virus.
“Often there are many sites, some of which are not blacklisted in Safe Browsing, but they all point to the same location for the actual malware download. By adding support for these known malware destinations they will reduce the number of infections for users using Chrome.”
Mikko Hypponen, chief research officer of F-Secure, said on his Twitter feed that with bad plug-in warnings, internal PDF reader and download alerts, Chrome is leading the safe browsing game. “Now, if we could just get the average mom and pop to replace their Internet Explorer or Firefox with Chrome,” he said.
Wolfgang Kandek, CTO of Qualys, said: “Regarding Chrome, I believe this is a good step, even though users are wary of too many warnings layered on top of each other. In this case the user already has to acknowledge the malicious site warning and now gets another alert. Overall it is good but it will be interesting to see how users react.”