Last year, desktop Chrome replaced the downloads bar for a new tray UI in the top-right corner and Google is now detailing how that redesign allows for more security warnings.
The additional space lets Chrome show more detailed warning messages that “convey more nuance about the nature of the danger and can help users make more informed decisions.” Based on the AI-powered Google Safe Browsing malware verdicts, Chrome has a two-tier download warning taxonomy that makes use of different color, icons, and text.
- Suspicious files: Gray triangle (lower confidence verdict, unknown risk of user harm)
- Dangerous files: Red stop sign (high confidence verdict, high risk of user harm)
Google says these updates have “resulted in significant changes in user behavior” like “fewer warnings bypassed” and “warnings heeded more quickly.”
Meanwhile, those that have Safe Browsing’s Enhanced Protection mode “send the contents of suspicious files” to Google for deep scanning (as depicted below):
Suspicious files are a small fraction of overall downloads, and file contents are only scanned for security purposes and are deleted shortly after a verdict is returned.
Google says these additional scans “have been extraordinarily successful” by catching malware that’s new to Safe Browsing and “dangerous files hosted on brand new sites.”
Since Enhanced Protection users have already agreed to send a small fraction of their downloads to Safe Browsing for security purposes in order to benefit from additional protections, we recently moved towards automatic deep scans for these users rather than prompting each time. This will protect users from risky downloads while reducing user friction.
Looking ahead, Google wants to protect against cookie theft malware and other malicious software hidden in encrypted archives – .zip, .7z, and .rar files — that require a password, thus limiting antivirus scans.
To do so, Chrome will prompt Enhanced Protection users to provide and send the password to Safe Browsing so that what’s uploaded “can be opened and a deep scan may be performed.”
Uploaded files and file passwords are deleted a short time after they’re scanned, and all collected data is only used by Safe Browsing to provide better download protections.
For Standard Protection users, Chrome will ask for the file’s password, but send “only the metadata of the archive contents are checked with Safe Browsing.”
As such, in this mode, users are still protected as long as Safe Browsing had previously seen and categorized the malware.
FTC: We use income earning auto affiliate links. More.
Comments