Google will ask some Chrome users to submit passwords for files suspected of being infected, and says the passwords and files will be deleted immediately after a deep scan.
Google is redesigning Chrome’s malware security to include password-protected executables that users can download for in-depth scanning.
This change, according to the company, will allow for the detection of more malware. Google has long allowed users to enable enhanced mode. Safe Browsing. This is a Chrome feature that warns users when they download a file that is considered unsafe.
The file has been classified as unsafe either because of suspicious properties or because it is listed as a known malware. When Enhanced Mode is enabled, Google will prompt users to download suspicious files that are not allowed or blocked by its detection engine. Under the new changes, Google will ask these users to provide any password required to open the file.
Beware of password protected files
In a post published on Wednesday, Jessica Bawa, Lily Chen, and Daniel Robery from the Chrome security team wrote:
“Not all deep scans can be performed automatically. The current trend in cookie-stealing malware distribution is to bundle the malware in an encrypted archive — a password-protected archive in .zip, .7z, or .rar format — which hides the contents of the archive from safe browsing and other antivirus scans.
To combat this evasion technique, we have introduced two protection mechanisms depending on the Safe Browsing mode the user has selected in Chrome.
Attackers often provide passwords for encrypted files in places such as the page the file was downloaded from or in the name of the download file. For Enhanced Protection users, suspicious encrypted file downloads will now prompt the user to enter a password. The access point for the file will be sent with the file to Safe Browsing so that the file can be opened and inspected in depth.
Uploaded files and file passwords are deleted shortly after scanning, and all data collected through Safe Browsing is used only to provide better protection when downloading (including files).
For those who use Standard Protection Mode, which is the default in Chrome, we wanted to be able to provide some level of protection. In standard protection mode, downloading a suspicious encrypted file will also prompt you to enter the file password, but in this case, both the file and the password remain on the local device, and only the metadata of the file and its contents are checked through secure browsing.
Therefore, in this mode, users remain protected as long as Safe Browsing has seen and classified the malware in advance.
Sending an executable file to Google that you accidentally downloaded from a website advertising a screensaver or media player will likely cause few or no problems.
For more sensitive files, such as a password-protected work file, it is possible There has been more packing of security features in Chrome.
Despite assurances that the file and password will be deleted immediately, sometimes mistakes are made that are discovered months or even years later. People who use Chrome with enhanced mode enabled should be careful.
More Stories
In Greece Porsche 911 50th Anniversary – How much does it cost?
PS Plus: With a free Harry Potter game, the new season begins on the service
Sony set to unveil PS5 Pro before holiday season – Playstation