Chromium Blog: January 2012

Tuesday, January 31, 2012

Of course, this only helps for dangerous content that Google already knows about. To provide better protection, Safe Browsing has two additional mechanisms that can detect phishing attacks and harmful downloads the system has never encountered before.

Phishing attacks are often only active for a few short hours, so it’s especially important to detect new attacks as they happen. Chrome now analyzes properties of each page you visit to determine the likelihood of it being a phishing page. This is done locally on your computer, and doesn’t share the websites you visit with Google. Only if the page looks sufficiently suspicious will Chrome send the URL of that page back to Google for further analysis, and show a warning as appropriate.

Malicious downloads are especially tricky to detect since they’re often posted on rapidly changing URLs and are even “re-packed” to fool anti-virus programs. Chrome helps counter this behavior by checking executable downloads against a list of known good files and publishers. If a file isn’t from a known source, Chrome sends the URL and IP of the host and other meta data, such as the file’s hash and binary size, to Google. The file is automatically classified using machine learning analysis and the reputation and trustworthiness of files previously seen from the same publisher and website. Google then sends the results back to Chrome, which warns you if you’re at risk.

It’s important to note that any time Safe Browsing sends data back to Google, such as information about a suspected phishing page or malicious file, the information is only used to flag malicious activity and is never used anywhere else at Google. After two weeks, any associated information, such as your IP address, is stripped, and only the URL itself is retained. If you’d rather not send any information to Safe Browsing, you can also turn these features off.

This multi-pronged protection combines to make you much safer against the most prevalent attacks on the web while carefully guarding your privacy. We’ve always believed in making the web a safer place for everyone, so we also make the Safe Browsing API available for free to other browsers and websites.

Safe surfing!

Posted by Niels Provos, Software Engineer, and Ian Fette, Product Manager

Safe Browsingrecently announcedvideo on Safe Browsing

turn these features offmaking the web a safer placeSafe Browsing APIotherbrowsersPosted by Niels Provos, Software Engineer, and Ian Fette, Product Manager

Translating JavaScript to Dart

Monday, January 30, 2012

Cross posted to: dartlang.org and the Google Code Blog original Rosetta StoneJavaScript to Dart Synonym app

our app that maps between JavaScript and Dartjoin the conversationfile a new issuePosted by Aaron Wheeler and Marcin Wichary

Making the web speedier and safer with SPDY

Thursday, January 26, 2012

SPDYadded SPDY supportimplement SPDYmod-spdy for ApacheStrangeloopAmazonCotendobest practices documenthereherePosted by Roberto Peon and Will Chan, Software Engineers

Making form-filling faster, easier and smarter

Wednesday, January 25, 2012

we announced supporttextselectx-autocompletetypewebkitspeechreleasedfull texthelp forumstandardization discussion
Posted by Ilya Sherman, Software Engineer

Real-time Communications in Chrome

Wednesday, January 18, 2012

open sourcedW3CIETFdocumentationdeveloper discussion groupWebRTC blog
Posted by Niklas Enbom, Software Engineer

Principles Behind Chrome Security

Thursday, January 12, 2012

Chrome security principlessupport and fundPosted by Justin Schuh and Travis McCoy, Chrome Security Team

Chromium Blog

All About Safe Browsing

Translating JavaScript to Dart

Making the web speedier and safer with SPDY

Making form-filling faster, easier and smarter

Real-time Communications in Chrome

Principles Behind Chrome Security

Labels

Archive

Feed