Soon, Google Chrome will make your web experience more secure
In a bid to create a private and secure web experience, Google has announced the plan to warn users about insecure downloads. The move, according to a blog post from the company, would be the first in a series of steps planned to completely block risky downloads by the end of this year. Here's all you need to know about it.
Google wants to ensure secure pages download secure files
As announced by Joe DeBlasio of Chrome's security team, Google wants to upgrade the download process on the browser - by making sure that only secure pages (HTTPS) are able to download secure files. For this, he claimed, the company will soon begin the process of alerting about and blocking insecure files, which could carry malware capable of spying on people.
Insecure downloads can be a major threat, per Google
"Insecurely-downloaded files are a risk to users' security and privacy," DeBlasio said in the blog post, adding that "insecurely-downloaded programs can be swapped out for malware by attackers, and eavesdroppers can read users' insecurely-downloaded bank statements."
How Google will start the blocking process?
The planned restrictions, as described by Google, will be rolled out in a phased manner. First, with Chrome 82, a warning will appear when a user would try to download an insecure content executable (.apk/.exe) from a secured page. Then, with Chrome 83, the executables would be blocked automatically while warning will shift to insecure archives like .zip and .iso.
The process will continue for all types
The whole warning and subsequent blocking procedure will be continued until all risky file types - including .pdf, .docx, .png, .mp3, and .mp4 - downloaded from secure pages are blocked completely by Chrome. This, Google estimates, will happen with the release of Chrome 86, which is expected to show up by October 2020, and later versions.
Initially, these restrictions will apply to Chrome for desktop
Chrome's latest security-focused restrictions will first apply to the desktop version of Chrome running on Windows, Chrome OS, Linux et al. The version for mobiles will also get the feature but it would be delayed by one release, according to Google. This means the warnings will start showing with Chrome 83, instead of 82 on mobile devices.
Why Google will delay restrictions on mobile?
Google says that "mobile platforms have better native protection against malicious files, and this delay will give developers a head start towards updating their sites before impacting mobile users."