Google has proposed an improved mechanism for detecting malware in the Chrome browser – now it will be possible to send password-protected executable files for remote scanning. And to do this, you will have to transfer passwords from such files to Google.
Image source: security.googleblog.com
When you enable the Enhanced Security option in Settings, Chrome warns you when you try to download a file that may be unsafe due to suspicious characteristics or even more so because it is on the list of known malware. Now the browser will also prompt users to send such files for remote scanning; if it is a protected ZIP, 7Z or RAR archive, then you can send the password for it.
Google noticed that malware distributors are trying to bypass browser security mechanisms by posting it in secure archives and placing passwords on download pages for these files. The company assured that after scanning both the files themselves and the passwords for them are deleted. Something similar will be offered to those who have “Standard protection” selected in Chrome settings – they will also be asked for permission to scan the file and its password, but scanning will be carried out locally and will be limited to only checking the metadata of the archive contents.
Google Chrome will also feature a two-tier notification system when a user attempts to download a potentially dangerous file. The browser will warn about suspicious files for which the verification mechanism has returned a “guilty” verdict with a low degree of confidence and an unknown risk of harm to the user; as well as about dangerous files when the protection system has a high degree of confidence that they can cause harm to the user. Each level has a different icon, color, and text to help the user differentiate between risk levels.