Google Proposes To Block Risky Non-Secure Downloads

The future of Chrome is going to be more secure as Google is aiming to block all high-risk downloads from non-secure websites. The feature is called Safe Browsing By Google and the proposal was revealed in the World Wide Web Consortium (W3C) public mailing list.

Google Chrome security engineer Emily Stark has stated that users will now be notified about malicious files, which gets delivered over an HTTP connection emerging from secure contexts. In fact, Chrome will automatically put the content as mixed and block them for you.

Moving forward, the Chrome engineer also explained about the classification of files in this regard as exes, dmgs, and crxs will get flagged as executables, and zip/gzip/rar/tar/bzip/etc., will come in the category of archives. However, the company is still working to make the metrics right.

Users will get two messages upon downloading a risky file. "This file appears to be malicious. Are you sure you want to continue" or "[filename] is malicious, and Chrome has blocked it".

The first notification will leave the downloading decision up to you, whereas one can only dismiss the second message without being able to download anything.

To get opinions of users regarding the proposal, Stark asked her followers on Twitter about whether people would like the high risk non-secure content to be categorized as mixed content and blocked by Chrome. In return, she received a positive response on the poll as 75% agreed to opt for ‘yes’.

The challenges of making web browsing a safer experience are increasing every day. But fortunately enough, Google seems to be accounting for it as looking by their last services like adding tab-under redirect blocking, blacklisting Adobe Flash, adding HTML5 support as the default option, and stopping third-party applications from injecting code and deprecating TLS 1.0 and 1.1, it is pretty much visible that they are moving in the right direction.


Photo: Jon Fingas / Engadget

Read next: Lazy Loading in Google Chrome to Improve Browsing Experience

No comments:

Post a Comment