Google Online Security Blog: October 2013

Don’t mess with my browser!

October 31, 2013

In the current Canary build of Chrome, we’ll automatically block downloads of malware that we detect. If you see this message in the download tray at the bottom of your screen, you can click “Dismiss” knowing Chrome is working to keep you safe.

This is in addition to the 10,000 new websites we flag per day with Safe Browsing, which also detects and blocks malicious downloads, to keep more than 1 billion web users safe across multiple browsers that use this technology. Keeping you secure is a top priority, which is why we’re working on additional means to stop malicious software installs as well.

Update: 11/1/13: Updated to mention that Safe Browsing already detects and blocks malware.

Linus Upson, Vice President

In some ways, it's safer than ever to be online — especially if you use Chrome. With continued security research and seamless automatic updates, your browsing experience is always getting better and more secure. But recently you may have noticed something seems amiss. Online criminals have been increasing their use of malicious software that can silently hijack your browser settings. This has become a top issue in the Chrome help forums; we're listening and are here to help.
Bad guys trick you into installing and running this kind of software by bundling it with something you might want, like a free screensaver, a video plugin or—ironically—a supposed security update. These malicious programs disguise themselves so you won’t know they’re there and they may change your homepage or inject ads into the sites you browse. Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state.

We're taking steps to help, including adding a "reset browser settings" button in the last Chrome update, which lets you easily return your Chrome to a factory-fresh state. You can find this in the “Advanced Settings” section of Chrome settings.

In the current Canary build of Chrome, we’ll automatically block downloads of malware that we detect. If you see this message in the download tray at the bottom of your screen, you can click “Dismiss” knowing Chrome is working to keep you safe.

reCAPTCHA just got easier (but only if you’re human)

October 25, 2013

A new and easier numeric CAPTCHA

Humans find numeric CAPTCHAs significantly easier to solve than those containing arbitrary text and achieve nearly perfect pass rates on them. So with our new system, you’ll encounter CAPTCHAs that are a breeze to solve. Bots, however, won’t even see them. While we’ve already made significant advancements to reCAPTCHA technology, we’ll have even more to report on in the next few months, so stay tuned.