Google Chrome's malware protection

Discussion in 'other software & services' started by The Seeker, Aug 19, 2011.

Thread Status:
Not open for further replies.
  1. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,101
    Location:
    Adelaide
    I knew that Google Chrome now has malware and phishing protection, but until today, I'd never seen it in effect.

    Pasting a zero day malware link, I was met with the below prompt. Firefox and IE both allowed the download before Panda deleted it as a virus. Giving users the ability to block malware before the download starts is a great approach. Score one for Chrome I say!

    20110819.png

    Edit: I should mention that I'm currently using the beta channel of Chrome (14.0.835.94 at time of writing).
     
    Last edited: Aug 19, 2011
  2. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Very nice!
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Yes, very encouraging to learn this about Chrome. :)
     
  4. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    I wonder what anti-malware analysis Chrome, or rather Google, uses to determine which files are indeed malicious.
     
  5. fsr

    fsr Registered Member

    Joined:
    Jul 26, 2010
    Posts:
    190
  6. jiggity

    jiggity Registered Member

    Joined:
    Nov 5, 2010
    Posts:
    9
    Location:
    San Diego, CA
    With all of the infected websites, it's good that CHROME has that feature built in for detecting malicious web sites. Way better than Firefox or IE IMO :D
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's been in there a while. First it just blocked sites with the safe browsing and now (I believe separately) it also has blacklisted files.

    Jiggity, Firefox uses the Safe Browsing just like Chrome, though I Don't believe it scans downloads (only with your built in AV.)

    IE9 has by and far the most successful website and file blacklisting/ analysis.
     
  8. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    So do they use Clam to scan the files in the cloud? Something else? I have noticed lately that I have received gmail messages from Google saying that some email had suspected malware attached and was left on the server instead of being sent to my inbox.
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    That sounds like spam? Maybe not.

    Also I don't believe they are scanned in the cloud.
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You can't pick one or the other protection. There's only the option (by default) to have protection against phishing and malicious files.

    I'm still using an older Chromium build (went back to it), but I don't think anything has changed in this field.

    But, the database files are separate, yes. At least, judging by the names I got in Chromium profile folder.
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I mean that one uses the Safe Browsing thingy that Firefox uses as well and the other uses some separate blacklist.

    Chrome 12 had it first I believe.
     
  12. John Bull

    John Bull Registered Member

    Joined:
    Nov 22, 2009
    Posts:
    904
    Location:
    London UK
    Sounds like just a Google opinion and everybody on Planet Earth has one of those. If Firefox and IE let it through, then why should we assume that the Chrome rule book is better ? Experience usually breeds confidence and reliability. FF and IE have years of experience, whereas Chrome is a new boy at the game.
    FF and IE would never jeopardise their safety standards by being slap-happy.

    I don`t have any problem with downloads. Sandboxie, Firefox, AVG 2011, ZoneAlarm plus me, all put that problem to rest. In any case most of us know the credibility of sites we download from and Sandboxie does not allow any download to go places unless YOU say so.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    So if the older antivirus lets malware through but the new antivirus doesn't than the new antivirus is just being "slap-happy."

    interesting
     
  14. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Oh, OK.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Google Chrome puts Firefox to shame in what comes to security, though. Not bad for a new boy. Not bad, at all.

    Google Chrome uses what the O.S has to offer, and therefore users don't need to know they need XYZ extensions to protect them, like it happens with Firefox.

    In what cames to the browser's own security (no extensions, no sandboxie/similar), Google Chrome has the advantage over Firefox.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Chrome is miles ahead of Firefox and Opera. Even with extensions, which help bring Firefox up a bit, it's not as secure and it never will be until they make drastic changes...., which are incidentally in the works.
     
  17. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Instead of sending the email to my spam inbox I get a message saying the email was left on the server. I have a web site and have email forwarded to my gmail - although maybe gmail retrieves it, I'm not sure. So I am assuming gmail detects some malicious attachment and decides to not retrieve or accept the email to send on to my inbox (spam box).

    How are url's scanned for malicious exploits real time by chrome if they are not scanned in the cloud? Or does chrome scan each site for suspicious behavior?
     
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
  19. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954

    That seems to indicate blacklisting. In the original post there is a picture of chrome stating a file is malicious. How does Chrome know the file is malicious? Is the file scanned in the cloud or does chrome keep a blacklist database of known bad files (such as md5 hash)?
     
  20. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Safari also uses Google Safebrowsing and have been using it for a long time, started somewhere around version 3.5.

    Edit: I think that all the major browsers except IE use Google Safebrowsing, it's only Opera who don't use Google Safebrowsing it uses AVG's service instead.
     
    Last edited: Aug 19, 2011
  21. John Bull

    John Bull Registered Member

    Joined:
    Nov 22, 2009
    Posts:
    904
    Location:
    London UK
    You like Chrome`s "opinion" of what malware is, then great, have a nice day.

    As for saying that Chrome is miles ahead of Firefox, well Moony my friend, THAT is also an opinion, just like me saying that Chrome is to browsing what the Wright`s Flying machine is to space travel. Which incidentally has a truthful ring about it.

    IF Firefox did let a Chrome opinionated virus through, then we treat that as sacred ? Of course not. I can scan for infections before releasing the package into my PC.

    Personally I feel we are all discussing a dubious third party statement without being able to substantiate it.

    I suggest that the OP give us all the site, give us all the download item and let us Firefox enthusiasts check it out. It is no practical use engaging in a heated discussion about nothing more than gossip.

    John
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Every 25 minutes (or something like that) Google sends you a blacklist update. I don't know how they determine whether a file is malicious or not on their end.
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Not that there's an objective measure of security but, yeah, Chrome's more secure. IT's basically the general consensus... I can't imagine anyone hwo knows what they're talking about arguing otherwise.

    What exactly do you think is different with Chrome's opinion of malware and anyone elses? I don't understand. IF it's a virus it's a virus...

    And the OP can't distribute malware.

    Are you being serious. So if Firefox doesn't catch a virus... it's not a virus? You realize that loads of antivirus would possibly miss one file that another AV would catch, right?
     
  24. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    The member you're responding to has yet to use knowledge as a basis for an argument.
     
  25. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Please, do not confuse apples with oranges. I never once mentioned anything about Chrome's "opinion" about what is malware. By the way, Firefox (Mozilla) does seem to love what Google defines as being a malicious domain. Firefox does use Google Safe Browsing, no? :D

    Don't confuse things. It's your opinion that I'm having an opinion. But, don't make of that my opinion.

    Again, I never talked about Firefox or Chrome's hability to scan/flag malicious files. I talked about the features Google Chrome makes use of, and features those that belong to the operating system.

    Research about Chrome's sandbox... *puppy*

    By the way, there's a 2010 interview with Charlie Miller (Also research about him *puppy*):

    Source: -http://www.oneitsecurity.it/01/03/2010/interview-with-charlie-miller-pwn2own/

    Don't take it wrong. I got not nothing against Firefox. I simply wish they used the security measures the O.S has to offer like IE and Google Chrome do.

    According to Hungry Man, such appears to become true in the future (hopefully sooner than later). I applaud that.

    P.S: Please, do research about Chromium's sandbox. If you search this forum, you'll find some links pointing to it. *puppy*
     
Loading...
Thread Status:
Not open for further replies.