Google wants to block unsafe, potentially risky download files on Chrome

Security engineer of Google Chrome team Emily Clark recently proposed adding automatic features to prevent download operations related to high-risk files, coming from unsecured websites in Future versions of the world's most commonly used browser platform.

This means that users will no longer be able to download executable files or compressed files distributed via an unsecured HTTP connection, but will be initiated from HTTPS websites. Chrome will be equipped with algorithms that automatically recognize and mark websites of this type as mixed content and will automatically block any download activity that comes from them.

1. Chrome has added an administrative policy, which allows uninstalling blacklisted extensions

"We want to achieve a more reasonable balance between user-disruption and the level of improvement in remote security, so Chrome is considering offering a solution. handle, or rather, control some high-risk data download operations on the internet, such data and content may be marked as unsecured mixed content and the browser will automatically block them, "said Emily Clark, head of security experts at the Google Chrome team.

According to this expert's suggestion, Chrome will flag the files "exes, dmgs and crxs as executable files and zip, gzip, rar, tar, bzip, . as compressed files". A complete list of targeted file types is available HERE.

1. Running on Chromium core but Microsoft Edge can play Netflix 4K videos, 'eat off' Google Chrome

"We are still finalizing our data before we can start sharing them publicly, but right now, we have found that blocking a collection of high-risk files (Executable files and compressed files, identified by the Content-Type or mime-type header) will likely work, "added engineer Emily Clark.

In a related move, Mozilla's security team leader Daniel Veditz also expressed his special interest in adding similar features in Firefox.

Chrome security engineers shared a public poll on Twitter to ask followers that high-risk unsafe downloads should be considered mixed content and blocked by Chrome. or not. As a result, up to 75% of 251 votes agreed with this plan.

1. The unsafe 'feature' on UC Browser allows hackers to take control of Android phones remotely

Currently, the highest goal of the Chrome security team is to turn this platform into one of the browsers that can give users a world-class safety experience. Earlier efforts include the addition of a tabbed navigation feature, listing of Adobe Flash blacklists, and adding HTML5 support as the default option, as well as preventing injection behavior. code of third-party applications, and disabling security layer transmission (TLS) 1.0 and 1.1.

Recently, a proposal was made in 2013 by Google's Mike West to automatically block downloads originating from iframe sites that were reconsidered by Chrome's team and made public suggestions. at the end of January 2019.

1. Microsoft released the Windows Defender extension for Google Chrome and Firefox browsers to protect the device

In addition, Google also revealed that it intends to add the feature to automatically block all downloads starting from the advertising framework that does not contain user activation, as a part. in the software giant's greater effort to enhance the security of Chrome users by preventing download operations that contain potentially unsafe risks.