Article Details
Scrape Timestamp (UTC): 2024-07-24 16:11:08.504
Original Article Text
Click to Toggle View
Google Chrome now warns about risky password-protected archives. Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files. These new, more detailed warning messages help users quickly learn the nature of the danger presented by each file downloaded from the Internet. For this, Google introduced a two-tier download warning system that uses AI-powered malware verdicts sourced from its Safe Browsing service to help evaluate the actual risk quickly. Users will now see warnings alerting them of suspicious files (based on lower confidence verdicts and unknown risk of user harm) or dangerous files (on high confidence verdicts and high risk of user harm). "These two tiers of warnings are distinguished by iconography, color, and text, to make it easy for users to quickly and confidently make the best choice for themselves based on the nature of the danger and Safe Browsing's level of certainty," the Chrome Security team explains. "Overall, these improvements in clarity and consistency have resulted in significant changes in user behavior, including fewer warnings bypassed, warnings heeded more quickly, and all in all, better protection from malicious downloads." The Chrome browser now also sends suspicious files to the company's servers for a deeper scan for users with Enhanced Protection mode enabled in Safe Browsing, providing extra protection while "reducing user friction." When downloading password-protected archives (e.g., zip, .7z, or .rar), users with Enhanced Protection toggled get prompted to enter the password before sending the file for additional scanning via Google's Safe Browsing service. The company says that files and file passwords uploaded to its servers will be deleted promptly after scanning, and all collected data will be used only to boost download protection for all Chrome users. Those who use Chrome in Standard Protection mode will also be asked to enter the passwords of the downloaded archives. However, both the file and the password stay on the local device, and "only the metadata of the archive contents are checked with Safe Browsing," the Chrome Security team says. "As such, in this mode, users are still protected as long as Safe Browsing had previously seen and categorized the malware." Today's announcement comes after Google redesigned the Chrome download experience in August to display alerts in the web browser's address bar and expanded browser warnings and notifications to accommodate extra information.
Daily Brief Summary
Google Chrome now alerts users when downloading risky password-protected files and provides more detailed warnings for potentially malicious files.
A new two-tier warning system using AI-powered malware verdicts from Google's Safe Browsing service classifies files as either suspicious or dangerous based on the level of threat they pose.
Enhanced Protection mode in Safe Browsing allows for deeper scans by sending suspicious files and passwords to Google's servers, with all data being deleted after scanning.
Users in Standard Protection mode have their password-protected archives checked locally, with only metadata of archive contents verified against Safe Browsing.
The update is part of ongoing improvements to Google Chrome's user safety features, aiming to reduce friction for users while enhancing protection against malicious downloads.
Files and passwords shared with Google for scanning are promptly deleted to protect user privacy, and information is used solely to improve download protection measures.
The recent changes have led to positive shifts in user behavior, with more timely adherence to warnings and fewer bypasses, indicating better compliance and safety awareness.