A developer version of Google’s Chrome browser will automatically flag and block malware that the user’s anti-malware system wouldn’t otherwise detect, Google said.
The “Canary” version of Chrome, designed for early testing by developers and others, will show a small warning note in the area of the screen reserved for downloads, notifying the user that it had prevented malware from being downloaded, Google said in a blog post. The new technology is in addition to Google’s existing “Safe Browsing” capability, which blocks up to 10,000 new websites per day, based on a reputation score that Google develops and assigns.
The downloads Google will block with the new technology aren’t flagged by an antivirus program as “traditional” malware, and people may not even know they’re there, representatives said. They may change browser settings or install ads, hijacking the browser for its own purposes.
Malware is constantly evolving and improving, as are the anti-malware systems deployed by browsers and dedicated software. As such, it’s difficult to provide a comprehensive, up-to-date perspective on which solution protects you best. In May, NSS Labs ran a test comparing the effectiveness of the five leading browsers against a pool of 754 pieces of real-world malware. But that test, while indicative of the relative strength of each browser, is already out of date: NSS tested Microsoft’s Internet Explorer 10, for example, instead of the latest IE11 installed in Windows 8.1. And NSS also tested Chrome 25/26, while Chrome is now up to version 30.
For what it’s worth, however, NSS found that IE blocked 99.96 percent of the malware the firm threw at it, while Chrome blocked 83.16 percent. Those were the two best browsers, by far: Safari blocked 10.15 percent, Firefox 9.9 percent, and Opera just under 2 percent of malware.
NSS criticized the reputation schemes used by both IE and Chrome. “CAMP technology is by definition content agnostic and therefore more susceptible to false positives and user error. In order to offset the higher false positive rate of CAMP technologies the user is given a choice to block or allow content that is flagged as potentially untrustworthy, based upon reputational schemes. Good software that is not well known will be blocked. Malicious software that has been engineered to have excellent reputational aspects may evade protection. Depending on an untrained user to make the correct choice is unwise.”
Google also added a “reset browser” setting, so that if your browser does become infected, it can be refreshed to what might be called the “factory state”. Nevertheless, an up-to-date browser is just the first part of a secured PC.