All about Google Chrome & Google Chrome OS

08 Feb 12 Security lab: Something fishy about Google Chrome’s Safe Browsing API




NSS Labs says there may be a privacy concern about Google’s use of end user IP addresses as part of its Safe Browsing API

From the start, Google’s Safe Browsing API was designed to spot malicious Web pages so users wouldn’t get trapped in them. Google identifies these sites through its own algorithms and user notification.

Google Chrome isn’t the only browser to do this. Firefox and Safari rely on the lists made available in the Safe Browsing API, and Microsoft has its Application Reputation with Internet Explorer, which essentially does the same thing.


This week, NSS Labs, a firm that specializes in the testing of security systems, found something in its monitoring that just didn’t feel right.

According to NSS Labs, during the most recent period of testing, Nov. 21, 2011 through Jan. 5, 2011, they observed what appears to be a significant change in malicious website protection when contrasted with historical data. According to their report, “Did Google Pull a Fast One on Firefox and Safari Users?”, Chrome’s protection rate rose to more than 50 percent before falling back down to 20 percent, while at the same time the Firefox and Safari block rate remained stuck at 2 percent and then suddenly jumped to 7 percent on the same day Chrome’s protection precipitously dropped.

The types of attacks NSS Labs evaluated during this period are what it calls “socially engineered malware,” or malware that is downloaded by the user from the Web. The lab will be testing so-called drive-by download attacks in a later report.

“Google has made very public statements that they don’t withhold any data from their Safe Browsing API, so what could explain the results?” asks Vikram Phatak, chief technology officer at NSS Labs.

Perhaps it’s the undocumented functionality NSS Labs believes Google has integrated into Chrome, but not Firefox or Safari.

Google strongly denies it’s holding back anything from the API. In his blog, New SafeBrowsing Backend, Mozilla and Mobile Firefox developer Gian-Carlo Pascutto at first wrote that Firefox does not have permission to use the download protection list in the Safe Browsing API.

That statement has since been redacted following a response from Google, a response that highlights perhaps a deeper concern: privacy.

Article source: http://www.infoworld.com/d/security/security-lab-something-fishy-about-google-chromes-safe-browsing-api-185893


10 Jan 12 Google patches Chrome, beefs up malicious file blocking tech


Computerworld - Google last week patched Chrome 16 and improved the download warnings in the impending Chrome 17.

Last Thursday, Google updated Chrome 16 with a security update that quashed three bugs, all rated “high,” the company’s second-most-dire threat rating.

Two of the bugs warranted bounties of $1,000 each, including one to a developer who works for rival Mozilla, maker of Firefox. Google, like Mozilla, pays outside investigators for bugs they report: Last year, Google wrote checks totaling $180,000 to bug hunters.

Also last week, Google released the first beta of the next edition in its line, Chrome 17.

According to Google engineer Dominic Hamon, Chrome 17 expands on the anti-malware download warnings that were first added to Chrome’s code in April 2011 and appeared in the stable channel of the browser in June 2011’s Chrome 12.

“Chrome now includes expanded functionality to analyze executable files — such as ‘.exe’ and ‘.msi’ files — that you download,” said Hamon in a blog post. “If a file you download is known to be bad, or is hosted on a website that hosts a relatively high percentage of malicious downloads, Chrome will warn you that the file appears to be malicious and that you should discard it.”

While download warnings have been part of Chrome since version 12, they have been limited to alerts triggered only when a user tries to retrieve a Windows .exe file from a malicious site.

Although the addition of .msi files — Windows application installers — was the only enhancement to Chrome’s anti-malware warnings that Hamon mentioned, he promised that others would follow. “We’re starting small with this initial Beta release, but we’ll be ramping up coverage for more and more malicious files in the coming months,” he said.

Chrome uses Google’s Safe Browsing technology to identify potentially malicious websites, and files downloaded from them. Apple’s Safari and Firefox also rely on Safe Browsing for their malware site blocking.

Google is playing catch-up to Microsoft in this area. Since its March 2011 debut, Microsoft’s Internet Explorer 9 (IE9) has used a feature called Application Reputation, or App Rep, to identify a file’s contents and its digital certificate to determine whether it’s a known application with an established reputation. If App Rep’s algorithm ranks the file as unknown, IE9 throws up a warning when users try to run or save the file.

If Google keeps to its usual rapid-release schedule that produces a new version about every six weeks, Chrome 17 will likely ship in final form around Jan. 25.

Chrome 17’s beta can be downloaded from Google’s website.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer. His e-mail address is gkeizer@ix.netcom.com.


Article source: http://www.computerworld.com/s/article/9223260/Google_patches_Chrome_beefs_up_malicious_file_blocking_tech

