×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Chrome Is Getting Automatic Blocking of Malicious Downloads

timothy posted about 6 months ago | from the whose-opinion-of-the-malware-though dept.

Chrome 138

An anonymous reader writes "Google today announced Chrome is getting an automatic download blocking feature for malware. Google has already added the new functionality to the latest build of Chrome Canary. All versions of Chrome will soon automatically block downloads and let you know in a message at the bottom of your screen. You will be able to "Dismiss" the message, although it's not clear if you will be able to stop or revert the block."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

138 comments

Nanny state crap (4, Funny)

barlevg (2111272) | about 6 months ago | (#45292485)

I shouldn't have to install IE if I want to set up a little virtual ecosystem. [xkcd.com]

Re:Nanny state crap (3, Insightful)

Jeremiah Cornelius (137) | about 6 months ago | (#45292733)

Well. There goes your downloads of TOR and Transmission... What's blocked next?

Maybe XBMC. Those plugins are GATT and SOPA problems just waiting to happen.

If people want to cut the cable? Just wait for Google to "steal" the XBMC source for GoogTV, like they raped Linux for Android.

The moral of this speculative fable? Google should be making software, not policy decisions.

Re:Nanny state crap (0)

Anonymous Coward | about 6 months ago | (#45292939)

I didn't know you had to use chrome on your PC. Strange. I thought there used to be alternatives.

Re:Nanny state crap (0)

Anonymous Coward | about 6 months ago | (#45293187)

"steal the source"

it's GPL you nunce

Re:Nanny state crap (1)

Jeremiah Cornelius (137) | about 6 months ago | (#45294133)

Spirit of GPL, letter of GPL. Through the eye of that needle, Google has made a fortune, while contributing a pittance.

It is a form of license exploitation, bordering on theft.

Re:Nanny state crap (0)

Anonymous Coward | about 6 months ago | (#45294423)

actually, google shoulda stuck with web search. soon as they bought deja you know they were up to something and its name was 'no good'.

Re:Nanny state crap (2, Funny)

Anonymous Coward | about 6 months ago | (#45292943)

This latest build of Chrome Canary is indispensable in my job at the coal mine.

meanwhile googleupdate.exe is in the background (0)

themushroom (197365) | about 6 months ago | (#45292533)

So it already has a drive-by download installed and running. Just sayin'.

Re:meanwhile googleupdate.exe is in the background (1)

Opportunist (166417) | about 6 months ago | (#45292575)

Not really a drive-by, more a bundle. But you get that kinda crap bundled with lots of free stuff.

Re:meanwhile googleupdate.exe is in the background (1)

Joining Yet Again (2992179) | about 6 months ago | (#45292765)

This.

Anyway, I'm way less worried about some lame malware developer's effect on society than Google's.

Re:meanwhile googleupdate.exe is in the background (0)

tepples (727027) | about 6 months ago | (#45292795)

I thought googleupdate.exe was just so that Chrome didn't have to ask for an administrator's password when a security patch is available.

Re:meanwhile googleupdate.exe is in the background (0)

Anonymous Coward | about 6 months ago | (#45293283)

Exactly. But you can't get that through to the morons and conspiracy theorists. They used the old kind of tinfoil (the type with lead in it) for their hats...

Re:meanwhile googleupdate.exe is in the background (1)

TangoMargarine (1617195) | about 6 months ago | (#45293465)

Yeah, because there's no possible way anyone could ever hack the Google update servers and have exploit code silently installed on most Chrome users' machines within...oh, a relatively short amount of time.

Is the automatic updater as much fun as the Firefox extension updater, where they reset the "auto-update all the time" preference to 'yes' every time you update the main program?

Re:meanwhile googleupdate.exe is in the background (2)

lgw (121541) | about 6 months ago | (#45294447)

Yes, that's the intention, and software always works as intended, so we have nothing to worry about. Automatically installing software from whatever server that googleupdate.exe thinks is the mothership has no potential security problems of any kind.

Bah... (3, Insightful)

Lumpy (12016) | about 6 months ago | (#45292555)

Yet they wont let me disable the god forsaken auto complete in the address bar. I completely ditched Chrome because of that damned evil annoyance.

Re:Bah... (3, Interesting)

zidium (2550286) | about 6 months ago | (#45292581)

You should use Srware Iron, a Chromium fork. It removes a LOT of the nastiness and annoyances from Chrome. I've been using it as my standard for years and ditched chrome completely since v29's fucked up New Tab Page.

Re:Bah... (-1)

Anonymous Coward | about 6 months ago | (#45292637)

You should just be using incognito all the time to begin with, then you don't have to worry about the auto-complete, just make sure you also only open one tab at a time and close it out each time you want to go to a different website.

The Energy Department's Office of Energy Efficiency and Renewable Energy (EERE) today announced new topics under its Small Business Innovation Research (SBIR) and Technology Transfer (STTR) program that will help small businesses develop innovative ideas and deliver market-driven solutions. EERE's areas of interest range from energy-saving buildings and manufacturing to sustainable transportation and renewable electricity generation.

Re:Bah... (0)

Anonymous Coward | about 6 months ago | (#45293159)

Efforts to improve energy efficiency and generate renewable energy can benefit a local economy in much the same way as other development activities. In fact, unlike financial incentive programs and speculative infrastructure investments that depend on positive business responses to yield benefits, many clean energy investments produce immediate economic returns to localities—and thus can be attractive options for local economic development organizations.

Re:Bah... (5, Informative)

Anonymous Coward | about 6 months ago | (#45292713)

If you go to Chrome's settings and search for Privacy, you can uncheck "Use a prediction service to help complete searches and URLs typed in the address bar" to turn off this behavior. Then it will only autocomplete things from your browser history and bookmarks.

Re:Bah... (1)

geminidomino (614729) | about 6 months ago | (#45292845)

That addresses part of the privacy concern, but not the fact that some people don't want the goddamn browser "correcting" our typing without asking. At least the command shells these days wait for you to ask for it.

 

Re:Bah... (2)

Lumpy (12016) | about 6 months ago | (#45292897)

does not work. They still auto complete from history and other sources. Already been down that road and had google devs tell me, "nobody sane would want to turn that off"

Re:Bah... (0)

Anonymous Coward | about 6 months ago | (#45292967)

You can disable history. You can also not use bookmarks.

Re:Bah... (1)

Lumpy (12016) | about 6 months ago | (#45293069)

Still does not work, please feel free to try it. I've been down this road several times.

Re:Bah... (3, Insightful)

Jeff Flanagan (2981883) | about 6 months ago | (#45293215)

>nobody sane would want to turn that off

They're approximately correct with that. Autocomplete is a huge help, and only a problem for people in bad situations where they need to hide what URLs they access or their search strings. If someone is going to give you trouble over your auto-complete, get that person out of your life.

Re:Bah... (0)

Anonymous Coward | about 6 months ago | (#45293345)

I'm visiting several customers a day.
Using chrome that means they can see which customer URLs I've been with....
Sorry but that is totally not acceptable.

So yes, chrome is on blacklisted in our company for exactly this..

Re:Bah... (3, Insightful)

Anonymous Coward | about 6 months ago | (#45293959)

If it's sensitive, why the fuck are you even saving those URLs? Did you know that all major browsers have implemented private mode for this purpose since a long time ago?

Re:Bah... (4, Insightful)

lgw (121541) | about 6 months ago | (#45294651)

Sure, that's one workaround. He found an easier workaround - switch to a less arrogant browser.

Re:Bah... (0)

Anonymous Coward | about 6 months ago | (#45292785)

Wait, what?

Menu -> Settings -> Advanced -> Privacy -> Uncheck "Use a prediction service to help complete searches and URLs typed in the address bar" (together with all the other shit in there)

Re:Bah... (2)

Lumpy (12016) | about 6 months ago | (#45292901)

You never tried it. Go ahead, and see how it still auto completes. I already have that unchecked.

Re:Bah... (2, Interesting)

Anonymous Coward | about 6 months ago | (#45293647)

Interesting... I find Chrome's autocomplete to be nearly perfect for me, and it's probably my primary reason for staying with Chrome. This is definitely the sort of thing where personal taste would come into play, though, and I can see its behavior being annoying if you're not on its wavelength.

Not sure how this is different (3, Insightful)

The MAZZTer (911996) | about 6 months ago | (#45292617)

Chrome already blocks malicious downloads. Not sure how this is new. Maybe it's a more advanced version of the existing feature.

The existing feature already looks like the current screenshot, except the text might be different. And yes, you can allow downloads using the drop down on the right.

Possibly this is integration of anti-virus hooks? I think the existing version might just use a Google list of known safe and dangerous downloads.

Re:Not sure how this is different (2)

Impy the Impiuos Imp (442658) | about 6 months ago | (#45292895)

Well, you go to a site to download something that isn't an executable, and there are all these fraud links that, when clicked, start an auto download of a .exe or similar. Now you're two layers of defense defeated. You must carefully delete it without clicking on it. You have one more layer, "This is an executable, are you sure you want to run it?"

I'm fine with a block of this mechanism. Oh you can be careful, but grampa? Kids? You with a clumsy finger on that 3rd and last layer?

Re:Not sure how this is different (0)

Anonymous Coward | about 6 months ago | (#45293327)

So basically a block mechanism to deal with the fact that some crappy operating systems execute files based simply on file name and not on execute permissions on the filesystem.

Re:Not sure how this is different (2)

Score Whore (32328) | about 6 months ago | (#45293523)

I've no idea what the parent is talking about. Windows -- for several versions -- marks downloaded executables as having been downloaded and will warn you when you attempt to run them.

Re:Not sure how this is different (0)

Anonymous Coward | about 6 months ago | (#45294379)

I like how people parrot this shit like it's even relevant anymore. Since Vista, Windows warns you about opening executable files from unknown sources. Such launch access can be revoked by higher powers that be, or if you're the administrator, you're still warned unless you disable the warning on a per-executable basis.

When you're going to criticize an operating system, you might want to make sure it actually has the problem you think it does.

Re:Not sure how this is different (4, Interesting)

Deathlizard (115856) | about 6 months ago | (#45293339)

If its what I think they're going to do (reputation detaction Ala IE9) it won't help much. See my sig if you want to go more in depth as to why.

Besides, The biggest Threats are the following

1) Malicious Forked Open Source Software
2) Installers with Bundled Adware

for #1: look at VLC. there's so many malicious forks of this I can't even count them. Many times they're just Renames, but other times they have more adware and spyware Embeeded in them than I can count. Hell One I found Shows ads before you watch any video.

Another example is "Fast Browser" which is a chromium browser fork with spyware baked in. it looks exactly like chrome and the only difference I can tell is the Icon (which rips off the chrome Icon, only Square) and the name in the about box.

for #2. Lets do a search for VLC and highlight any download site that's not from videolan.org or sourceforge (although I should count sourceforge. they're doing this too now) (obfuscated to avoid clicking)

VLCapp,com
vlcmediaplayer,org
Softonic,com
4soft,org
softwareinstall,com
soft82,com
softdls,com
download-pc,com
download366,com
os-downloads,com ..and these are just the results from 1st page direct searches or ads from bing and google alone.

I can all but guarantee that downloading anything from the above sites will get you some Potentially unwanted program or virus. I just wish that someone would make an Adblock plus list like the malware domain list for fake downloading sites.

Now I know that it sounds like I'm Picking on VLC here, but it's just one of the more hijacked examples. You can do this with just about any popular Program. Firefox, Chrome, 7zip, Openoffice, Minecraft, even IE10 and Windows Media Player have software wrappers.

Hell. Even the Microsoft Store in WIndows 8 isn't safe. Do a search for VLC there and the first or second hit is a link to getdesktopapp,com which piles on the junkware. when you look at the app's Publisher. he's doing the same thing with peazip, 7zip UMPlayer and openoffice.

If Chrome does something about these software wrappers then were talking, otherwise it's nothing new from what they were doing before or what IE's been doing for years, and that hasn't stopped anything either.

Great news! (5, Insightful)

sootman (158191) | about 6 months ago | (#45292629)

Now, can you let me choose for myself which filetypes are safe or not? For my job, I have to download many PDFs (up to 100 at a time) and Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer. Do you want to keep <filename> anyway?"

LISTEN IDIOT: These PDFs come from a trusted source. Yes, I have to download them. No, I don't want to view them in the browser right this second. Also, I'm on a Mac, and also also, I don't use Acrobat, and also also also, this is my work machine, and IF anything would happen to it, I'd let I.T. blow it away and re-image it if needed. LET ME DOWNLOAD THE GODDAMN FILE. Every few months I search to see if there's a way to disable this, and so far I've come up empty.

Needless to say, I don't use Chrome for this part of my job.

Re:Great news! (-1)

Anonymous Coward | about 6 months ago | (#45292719)

You should fork Chromium and create a version that does what you want instead of being some whining Mac user.

Re:Great news! (3, Funny)

Anonymous Coward | about 6 months ago | (#45293157)

You should go fork yourself.

Re:Great news! (0, Funny)

Anonymous Coward | about 6 months ago | (#45292799)

I was going to suggest using something else until I read your last line and found out that you already do.

So... you already use a more suitable tool for downloading 100s of PDFs at a time, but you want Chrome to make it easier to do your particular exceptional-case job at the expense of making average users less safe, even though you'd probably just keep using the more suitable tool anyway?

Those idiots are idiots for not tailoring Chrome to suit your very particular situation.

Re:Great news! (1)

geminidomino (614729) | about 6 months ago | (#45293043)

If you've got half a clue, you're already not using Adobe, and the goddamn thing should be getting out of your way after the first time you tell it "shut up, I know what I'm doing."

Wanting to download PDFs from the web is "exceptional?" Are you one of those "UX" BSAs?

Re:Great news! (1)

jones_supa (887896) | about 6 months ago | (#45292889)

For my job, I have to download many PDFs (up to 100 at a time) and Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer. Do you want to keep <filename> anyway?"

Yeah, I find this a bit annoying too. At the same time it allows me to happily download EXEs. I don't see the big risk in opening PDFs, it is not a format which often carries vulnerabilities.

Re:Great news! (1)

Anonymous Coward | about 6 months ago | (#45292973)

Yeah, I find this a bit annoying too. At the same time it allows me to happily download EXEs. I don't see the big risk in opening PDFs, it is not a format which often carries vulnerabilities.

Are you new to the internet? PDFs with Adobe reader is generally in the top attack vectors.

Adobe Reader for Android? (1)

tepples (727027) | about 6 months ago | (#45293207)

Then why does Chrome for Android display a scare bar for PDF downloads even on a platform to which Adobe Reader isn't even ported?

Re:Great news! (2)

Redmancometh (2676319) | about 6 months ago | (#45293497)

There is a script bunny tool called metasploit. It includes something called "reverse_tcp_bind." Since it has appeared pdfs have become quite the thriving infection route.

Re:Great news! (1)

lgw (121541) | about 6 months ago | (#45294713)

Is there any easy way to clean dubious PDFs? I'm bothered by the number of PDFs I have than might contain exploits if I ever accidentally had an Adobe product installed on some system. Any open source "PDF cleaner" or somesuch?

Re:Great news! (1)

hypergreatthing (254983) | about 6 months ago | (#45293107)

Try VisualWget. Might save you some time in general.
Then again that's for windows. Fairly sure there are a few apps that do the same thing though.

Re:Great news! (5, Informative)

Gravis Zero (934156) | about 6 months ago | (#45293165)

Now, can you let me choose for myself which filetypes are safe or not? For my job, I have to download many PDFs (up to 100 at a time) and Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer.

this will remove the down warning for all file types.

on OSX, open /Users/yourusername/Library/Preferences/com.google.Chrome.plist and replace the "download" section with this


      "download": {
          "directory_upgrade": true,
          "prompt_for_download": false
      },

found it in 2 minutes. my google fu is strong.

Re:Great news! (0)

Anonymous Coward | about 6 months ago | (#45294527)

found it in 2 minutes. my google fu is strong.

That's only because you're not using Chrome to do your Google search...

Re:Great news! (0)

Anonymous Coward | about 6 months ago | (#45293223)

Why not have IT set you up with aq pre configured version of a browser with those features selected?

Re:Great news! (1)

Rude Turnip (49495) | about 6 months ago | (#45293269)

If you have to download 100 PDFs from a trusted source at one time, then you shouldn't be using a web browser. That's a job for perhaps a WebDAV setup or any one of a zillion syncing solutions.

Re:Great news! (1)

Joce640k (829181) | about 6 months ago | (#45293323)

Weird, it doesn't do that to me.

What if you view it then type CTRL-S then ENTER? Is that easier?

Re:Great news! (1)

mcmonkey (96054) | about 6 months ago | (#45293703)

Just imagine when this same company, instead of driving your browser, is driving your car and deciding where you go.

How long until "malicious" defined as ... (3, Interesting)

RLiegh (247921) | about 6 months ago | (#45292639)

...software contrary to corporate (RIAA/BSA) interests?

Re:How long until "malicious" defined as ... (-1)

Anonymous Coward | about 6 months ago | (#45292755)

The file: "Firefox-Setup.exe" was blocked from being downloaded because it has been labeled as malicious software.

This file has been flagged for the following reason(s): Firefox.exe can facilitate the unauthorized downloading of copyrighted material.

This incident has been reported to your district administrator.

Cue in the MAFIAA (-1)

Anonymous Coward | about 6 months ago | (#45292647)

They'll want all kinds of "malicious" downloads added to the list.

Microsoft tried this before (4, Insightful)

tepples (727027) | about 6 months ago | (#45292761)

Microsoft has tried something similar [microsoft.com]. Each distinct executable has to build up a reputation over some long period before IE SmartScreen stops flagging it as "not commonly downloaded". The only way to make an executable build up reputation faster is to apply for an Authenticode software publisher certificate from a commercial CA ($$$) and keep it renewed ($$$ per year), which lets good reputation spill over from other executables from the same publisher that have earned good reputation. This especially messes with the release early, release often mentality of amateur free software developers who might not be willing to form an LLC and buy and maintain an Authenticode certificate.

Re:Microsoft tried this before (4, Insightful)

Riddler Sensei (979333) | about 6 months ago | (#45292981)

God, that sounds like extortion.

"It'd be a shame if we told the user that your software might maybe sorta kinda be malware."

Key continuity management (2)

tepples (727027) | about 6 months ago | (#45293191)

Especially because reputation spillover could have been implemented just as easily with the key continuity management (KCM) paradigm. In KCM, each software publisher acts as its own CA and self-signs its own code signing certificate. This way a developer can prove that he's the same developer as last time without having to prove the developer's real world identity. Android code signing uses KCM, as does SSH. OS X used to before 10.8 when Apple introduced GateKeeper with default settings to block running code from unidentified developers.

Re:Microsoft tried this before (1)

intermodal (534361) | about 6 months ago | (#45293491)

Extortion is the bread and butter of most major software companies' security standards. If you think this is bad, you should look into what is involved when updating Oracle.

Re:Microsoft tried this before (1)

sootman (158191) | about 6 months ago | (#45293605)

Yeah, well, Microsoft also bugs me whenever I click a link in Outlook that leads to a file on my company's SharePoint site. A/V on the server, A/V on every desktop, and I have to click "Yes, I really want this file" every single time.

Re:Microsoft tried this before (-1)

Anonymous Coward | about 6 months ago | (#45293623)

The only way to make an executable build up reputation faster is to apply for an Authenticode software publisher certificate from a commercial CA ($$$) and keep it renewed ($$$ per year)

Comodo sells these certificate for $180/year (or lower if you buy ahead for multiple years). This amount does not seem like a huge burden for any software maker.

I'm confused (0)

Anonymous Coward | about 6 months ago | (#45292797)

When IE introduced this feature everyone said it was bad, because your download links were scanned by Microsoft.

Is this good now because the Google is doing it?

Re:I'm confused (1)

RLiegh (247921) | about 6 months ago | (#45292923)

Apparently so, since any comments pointing out how prone this will be to abuse, and the nature of the abuse, are being aggressively down-modded.

Re:I'm confused (0)

Anonymous Coward | about 6 months ago | (#45293177)

I don't know, you tell us - at least comments here don't seem too enthusiastic.

PS: B-, Wouldn't feed again.

software repository (1)

Gravis Zero (934156) | about 6 months ago | (#45292841)

it would be nice if there was a Windows program to install programs from a centralized repository of software that was actually scrutinized to ensure it's malware free and perhaps a security risk rating. It certainly would make open source programs more attractive because they could quickly be certified as being malware free. the rest wouldn't be able to be certified as being 100% malware free since there cant be a true analysis of the software without REing the whole thing unless they submit the source but keep it secret.

every program having it's own updater running is annoying, uses more resources and introduces another security risk.

Re:software repository (1)

spottedkangaroo (451692) | about 6 months ago | (#45293027)

amen. Every time I use my windows machine a bunch of separate shitty updaters pops up a window about a new version. Man I wish I could go to windows update and update all my software in the background. I'm surprised Microsoft hasn't picked up on the repo thing yet. It's better for everyone.

Re:software repository (0)

Anonymous Coward | about 6 months ago | (#45293077)

Not better for Adobe and other Microsoft customers.

Re: software repository (0)

Anonymous Coward | about 6 months ago | (#45293173)

They have had one for over a year. It's called the store app in Windows 8 and 8.1. It seems to meet all your requirements.

Re: software repository (1)

Gravis Zero (934156) | about 6 months ago | (#45293315)

They have had one for over a year. It's called the store app in Windows 8 and 8.1. It seems to meet all your requirements.

let's be honest, those are malware. ;)

Re:software repository (1)

TangoMargarine (1617195) | about 6 months ago | (#45293571)

it would be nice if there was a Windows program to install programs from a centralized repository

Sounds good.

software that was actually scrutinized to ensure it's malware free

Sounds even better.

open source programs [...] could quickly be certified as being malware free.

BAHAHAHAHA! You really think Microsoft would give you a package manager and allow open-source programs to appear in the listings?! Oh, man...you almost got me there...

Chrome chownload (0)

Anonymous Coward | about 6 months ago | (#45292905)

So it blocks the download of itself?

Will Mac version use "Allow Apps Downloaded from"? (1)

RandomUsername99 (574692) | about 6 months ago | (#45293131)

On MacOS there's a setting, "Allow Apps Downloaded from", under the security and privacy section of the control panel that controls this behavior. If I have that set to download from anywhere, it should download from anywhere.

let me add this (5, Funny)

slashmydots (2189826) | about 6 months ago | (#45293149)

Chrome usage has been falling by approx 0.25% market share per month for the last year or so. It's like they're just trying to accelerate it now. Plus, I'm 99% sure this is an exact clone of a feature included with IE7. The IE10 version is even more popular with it's 5 or so clicks to finally get to the "I don't give a fuck if you haven't heard of this download, it's from fucking Sourceforge, don't delete it and let me run the damn thing. Yes I know it's a fucking MSI file" button. REAL popular feature.

Re:let me add this (0)

Anonymous Coward | about 6 months ago | (#45293955)

What the fuck are you, some sort of MS shill?

I swear to fucking god. Chrome adds a feature that helps users stay safe and the fucking MS astroturf patrol can't shut the fuck up.

IE sucks. Nobody with a clue uses it. People only develop and target for it under duress.

And to address your other talking points:
Surface sucks and is a failure
Surface pro sucks and is a failure
Surface 2 sucks and is a failure
Surface pro 2 sucks and is a failure
Nobody likes windows 8. Metro is a failure
Windows phone is a failure

Sourceforge now serving malware (0)

Anonymous Coward | about 6 months ago | (#45294095)

Chrome usage has been falling by approx 0.25% market share per month for the last year or so. It's like they're just trying to accelerate it now. Plus, I'm 99% sure this is an exact clone of a feature included with IE7. The IE10 version is even more popular with it's 5 or so clicks to finally get to the "I don't give a fuck if you haven't heard of this download, it's from fucking Sourceforge, don't delete it and let me run the damn thing. Yes I know it's a fucking MSI file" button. REAL popular feature.

Terrible example. Sourceforge has started bundling Ask Toolbar and other crapware with their products where the project administrators have agreed. For example, Filezilla default download now comes bundled with such shite.

https://forum.filezilla-project.org/viewtopic.php?f=2&t=30240&start=120

The HOW it is implemented is important (1, Interesting)

AtomicJake (795218) | about 6 months ago | (#45293219)

If this feature is implemented as a cloud service, i.e. each URL will be checked by Google before the browser is executing it then say good-bye privacy. It would be the last thing that you would like to have: a browser that spies on you.

If this feature is implemented with a signature file that is updated from time to time, then it is the same snake-oil as each anti-virus and is probably not harmful. It might even be useful for those people who also have use for anti-virus software.

warning bypass (1)

Gravis Zero (934156) | about 6 months ago | (#45293297)

Chrome asks me EVERY... SINGLE... FUCKING... TIME "This type of file can harm your computer. Do you want to keep anyway?"

seems like this is a common and unnecessary annoyance for non-Windows people.

this will remove the down warning for all file types.

1) open preference file
-- OS X: /Users/yourusername/Library/Preferences/com.google.Chrome.plist
-- Linux: ~/.config/chromium/Default/Preferences
-- Windows: GFY, you need this warning.

2) replace the "download" section with this


"download": {
  "directory_upgrade": true,
  "prompt_for_download": false
},

Wait until you get Cryptolocker (1)

chr1st1anSoldier (2598085) | about 6 months ago | (#45293365)

Yeah, Sure, Blocking malicious downloads has the potential for bad, but it also has the potential for good. You get hit with Cryptolocker and not have any good backups then tell me how much you hate a feature like this. I have already seen it too many times, companies that loose data because of that virus and the sysadmins that are too proud to pay the ransom. Or even worse, the employees who get hit with it then doesn't say anything until after the timer runs out. People might hate on features like this, but at the business level it can be a life saver.

Re:Wait until you get Cryptolocker (0)

Anonymous Coward | about 6 months ago | (#45293833)

Yeah, Sure, Blocking malicious downloads has the potential for bad, but it also has the potential for good. You get hit with Cryptolocker and not have any good backups then tell me how much you hate a feature like this. I have already seen it too many times, companies that loose data because of that virus and the sysadmins that are too proud to pay the ransom. Or even worse, the employees who get hit with it then doesn't say anything until after the timer runs out.

People might hate on features like this, but at the business level it can be a life saver.

There are also many accounts of people paying the $300 and still not able to decrypt their files. But agree on the value of extra browser malware protection and, for pits sake, backup! The likes of Cryptolocker is why you want several layers of different types of protection (if your email is scanned by Symantec/Microsoft/whatever, then use something else on the endpoints), including having browser with malware download protection.

Question (0)

The Cat (19816) | about 6 months ago | (#45293565)

Is Chrome going to stop illegally violating the trademarks and copyrights of small businesses by replacing their web sites with often inaccurate warnings about how they are responsible for malware?

When did Google become the Internet police and by what authority do they presume to deface a third party's web site and publicly accuse that third party of distributing malware?

who decides? (1)

Junior J. Junior III (192702) | about 6 months ago | (#45293599)

Malicious, but malicious to WHOM? If they ever start blocking useful tools which "could" be used to break laws or otherwise do harm, that will be the end of Chrome.

hmm... (0)

Anonymous Coward | about 6 months ago | (#45293713)

Is Google considered malware that this thing will block since it has so many privacy breeches, etc.

The only feature I need is a way to lock settings (0)

Anonymous Coward | about 6 months ago | (#45293805)

...so my parents can't install random search engines, toolbars and plugins.
It is such a simple feature (one assumes) but it would mean when I see the old folks on a Sunday I might actually be able to catch up with them before the inevitable.

The disease is well-understood. (1)

Impy the Impiuos Imp (442658) | about 6 months ago | (#45294257)

The really cool part is it blocks poisonous viral meme downloads, too, so you only see a black screen when you go to Huffington Post*.

*Substitute Drudge Report for humor effect if you are already infected with the Huffington meme defense mechanism.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...