Most of us have had it happen: One goes to download what seems like a perfectly reasonable piece of software, and along with the wanted functionality one gets either additional modules that annoyingly cause a series of pop-up windows upon start-up, potentially unwanted programs (PuPs) or it makes modifications to the browser, like adding an un-asked for toolbar. Google is looking to stem the issue with the launch of deceptive software warnings.
“Starting next week, we’ll be expanding Safe Browsing protection against additional kinds of deceptive software: programs disguised as a helpful download that actually make unexpected changes to your computer—for instance, switching your homepage or other browser settings to ones you don’t want,” said Moheeb Abu Rajab, a staff engineer for Google Security, in a blog. “We’ll show a warning in Chrome whenever an attempt is made to trick you into downloading and installing such software. If you still wish to proceed despite the warning, you can access it from your Downloads list.”
Google Safe Browsing is a protection service that’s built into most major browsers via API, including Apple Safari, Mozilla Firefox and of course Google Chrome. It shows users warnings when it identifies unsafe websites, and provides webmasters with details about the threats it detects.
Approximately 1.1 billion people use Google Safe Browsing, and the notifications shown to users number about 15 million per day.
“You should be able to use the web safely, without fear that malware could take control of your computer, or that you could be tricked into giving up personal information in a phishing scam,” Rajab said. “That’s why we’ve invested so much in tools that protect you online. Our Safe Browsing service protects you from malicious websites and warns you about malicious downloads in Chrome. We’re currently showing more than three million download warnings per week—and because we make this technology available for other browsers to use, we can help keep 1.1 billion people safe.”
As always, users should be careful and make sure that the source is trustworthy when downloading software.
PuP installs are a particular scourge. While not specifically malicious, PuPs are the additional software applications that often get installed along with purchased or actually desired software. Sometimes called bloatware, these programs can be anything from “file management” helpers to “download accelerators” to, in some cases, full-on malware. In all cases they are software that the user didn’t originally go looking for, and their install earns the software bundler a commission.