Starting with Firefox 32, Mozilla will check file downloads against Google's application reputation database which is powering Chrome's Safe Browsing feature since 2012.
If you have read the release notes of Firefox 31, you may have noticed the entry "block malware from downloaded files" under What's New.
The integration of the feature in Firefox 31 is the first step in the implementation which will be completed when Firefox 32 is released to the public in six weeks.
In Firefox 31, a local list is used to determine whether a downloaded file is malicious or not. This downloaded list is updated regularly, ans whenever a download is being made, that download is checked against the list to make sure it is not malicious in nature.
Note: Firefox will only check executable files and not other file types.
From Firefox 32 on, downloads are checked against the local list and a remote list if the local list does not return a hit. This remote list is maintained by Google, and to access it, information about the download are submitted in the process.
While the file itself does not get transferred, its SHA-256 hash value as well as other information such as the suggested file name for the download, the length of the file in bytes and the url the file was downloaded from are.
Example screenshot of a download that Chrome blocked as malicious
How to block the sending of information to Google
While the implementation of download checks in Firefox may help some users avoid malware downloads, others may dislike the integration of the feature.
A core reason is privacy since information about file downloads are submitted to Google. Not only are information submitted, but the request itself will reveal additional information such as the IP address of the computer the request came from.
If you have deployed antivirus software on your system, it may also be unnecessary to use the Firefox implementation as the software may protect the system from malicious downloads automatically.
Last but not least, false positives are also a possibility.
To disable the application reputation check in Firefox, do the following:
- Type about:config in the browser's address bar and hit the enter key.
- Confirm that you will be careful if a warning message is displayed.
- Search for browser.safebrowsing.appRepURL.
- Double-click the preference and replace its value with a blank.
Removing the address from the preference blocks the sending of information to Google.
It is alternatively possible to disable Safe Browsing completely.
- Load about:preferences in Firefox's address bar.
- Switch to Security in the sidebar on the left.
- Disable the entries "Block reported attack sites" and "block reported web forgeries".
Additional features about the application reputation feature are available on Mozilla's Wiki.
Now Read: An in-depth Firefox security guide