Google is further improving the security of its browser. The American giant has just extended its improved safe browsing feature in Chrome 91 to protect users when they install a new extension from the Chrome Web Store. Google’s in-house browser will now display a new dialog prompting users to exercise caution if an extension is not recognized by the enhanced Safe Browsing feature.
As a reminder, Google last year launched Enhanced Safe Browsing on Browser as an optional protection against phishing sites and malware, to avoid cases where these sites go undetected before users do not visit them. This feature allows Chrome to share more security data with the service to check for questionable URLs in real time and to determine if a site is a phishing site.
Google is now using Enhanced Safe Browsing to improve its handling of developers posting extensions to the Chrome Web Store. The only catch: it could create new obstacles for developers of extensions new to the Chrome Web Store, as it will take a few months of following Google’s policies to be considered trustworthy.
An obstacle for new developers?
“Any extensions created by a developer who abides by the Chrome Web Store Developer Program guidelines will be deemed trusted by the Enhanced Safe Browsing service. For new developers, it will take at least a few months of compliance with these conditions to become trustworthy, ”said Badr Salmi of Google Safe Browsing and Varun Khaneja of Chrome Security in a blog post.
“Ultimately, we strive to ensure that all developers with compliant extensions achieve this status by meeting these criteria. Today, that represents almost 75% of all extensions in the Chrome Web Store and we expect that number to continue to grow as new developers become trustworthy. “
The new framework for trusted developers follows Google’s efforts over the past year to clean the Chrome Web Store from fraudulent and phishing extensions. Even after a crackdown last August, millions of users installed 28 malicious extensions before they were removed from the app store.
Downloads also on the radar
Chrome users can opt for enhanced safe browsing by going to Settings> Privacy and security, then by checking the “Improved protection” mode, under “Safe browsing”. Users should note that this option allows the service to share data temporarily linked to a Google account if the user is signed in to Chrome.
However, Google claims that Chrome users who turn on Enhanced Safe Browsing mode are 35% less likely to be phished than other users; enough to see a good reason to activate it.
Google is also boosting download protection in Enhanced Safe Browsing to improve protections when downloading potentially risky files from the web. Users will receive a warning when a suspicious file is detected and they will be suggested to send it for further analysis. A first check is carried out by the standard services of Google Safe Browsing.
If you choose to send the file, Chrome will upload it to Google Safe Browsing, which will scan it in real time using its static and dynamic scan classifiers. After a short wait, if Safe Browsing determines that the file is not safe, Chrome will display a warning. As always, you can bypass the warning and open the file without scanning it. Downloaded files are deleted from Safe Browsing shortly after scanning.