Google Chrome Downloads Files Before User Confirmation

I noticed a strange behavior in Google's latest Chrome developer build. I'm not sure if the problem exists in other versions of the Chrome browser as well, but it is likely that it does.
Whenever you download a file with the Google Chrome web browser you see a small confirmation dialog at the bottom of the screen if the file can potentially be harmful to the computer. Options presented by that small dialog are to save the file, or to discard it.
Update: In the most recent version of Google Chrome, the dialog has changed slightly. The message now reads "This type of file can harm your computer. Do you want to keep [filename] anyway?".
Options presented are to keep the file or to discard it. Keep is the equivalent of Save, but it is a better indication that the file has already been saved to the system.
Imagine my surprise that the file was already in the download directory of my computer even though I did not select one of the two options for that file.
Google Chrome apparently starts the download right away but renames the file until the user has made the decision whether to save the file or discard it.
The file is named unconfirmed xxxxx.download for the time being. It is, however, the complete file, and it can be executed or unpacked right from there, all without the user's confirmation.
This type of file can harm your computer. Are you sure you want to download [filename]?
A click on the discard button removes the file from the download directory again while the save button renames it to its original file name. Closing the web browser has the same effect as selecting the discard button.
This is obviously not a huge problem, but it definitely makes the confirmation dialog less secure. It would be better if the web browser started the download only after the user's confirmation, or used a temporary directory to preload the file and moved it to the download directory after the download has finished and the user has accepted it.
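The second suggestion above (preload outside the download directory, move the file in only on confirmation) as an added Python example; it is not Chrome's code or the author's. The `StagedDownload` class, its method names and the `.part` suffix are hypothetical, and the sample bytes and file name are constructed.

```python
import os
import shutil
import tempfile
from pathlib import Path

class StagedDownload:
    """Hold a download outside the user's download directory until confirmed."""

    def __init__(self, download_dir, filename):
        self.download_dir = Path(download_dir)
        # Keep only the last path component so "../x.exe" cannot escape on confirm.
        name = Path(filename.replace("\\", "/")).name
        self.filename = "download" if name in ("", "..") else name
        # mkdtemp creates a directory accessible only to the current user (0700).
        self.stage_dir = Path(tempfile.mkdtemp(prefix="staged-dl-"))
        # Random name without the original extension: nothing to double-click.
        self.staged_path = self.stage_dir / (os.urandom(8).hex() + ".part")

    def write(self, chunks):
        """Write the body to the staging file, created 0600 (no execute bit)."""
        fd = os.open(self.staged_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as out:
            for chunk in chunks:
                out.write(chunk)

    def confirm(self):
        """User chose Save/Keep: move the file into the download directory."""
        target = self.download_dir / self.filename
        stem, suffix, n = target.stem, target.suffix, 1
        while target.exists():  # never overwrite an existing file
            target = self.download_dir / f"{stem} ({n}){suffix}"
            n += 1
        shutil.move(str(self.staged_path), str(target))
        self.discard()
        return target

    def discard(self):
        """User chose Discard (or the browser closed): remove every trace."""
        shutil.rmtree(self.stage_dir, ignore_errors=True)

def demo():
    """Constructed run: returns what the download directory holds at each step."""
    downloads = Path(tempfile.mkdtemp(prefix="downloads-"))
    dl = StagedDownload(downloads, "../setup.exe")  # constructed hostile name
    dl.write([b"MZ", b"constructed sample bytes"])
    before = sorted(p.name for p in downloads.iterdir())
    saved = dl.confirm()
    after = sorted(p.name for p in downloads.iterdir())
    return before, after, saved.read_bytes(), dl.stage_dir.exists()
```

Until `confirm()` is called the download directory stays empty, which is the property the article asks for; the existence check before the move is not atomic, so a real implementation would need an exclusive create on the target.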
One of the main issues with Chrome flagging downloads as potentially harmful is that there is a chance of false positives. False positives are legitimate files that are not malicious or harmful, but that are flagged as such.


My late 2c. I agree with Martin that there should be a way to disable it… in all browsers… even if it is not a security threat.
This is an optimization feature, but it assumes ample network capacity. With 3G, usage limits are back. It is all too easy to be directed to a large download and incur significant usage without the user confirming it. The default option to download in the background is fine. But the user should be able to disable it when it is not in his interest. I expect this much from open source browsers.
To Neelesh… this is not for exe files only. I just noticed it over a large PDF.
I think this confirmation is only displayed when an exe is being downloaded.
Useful but potentially dangerous, e.g. a pre-existing Trojan can watch for a certain sequence coming in, be it a new DDOS script or a binary update. Using a temp dir and a random file name may help a bit but is not a solution. Should be a toggle in the security settings.
Firefox has also done the same for a while already; I find it useful, actually.
Lol this proves techblog writers really don’t know everything about tech.
>> Sorry, you are wrong – I quote:
He is passionate about all things tech and knows the Internet and computers like the back of his hand.
Oh. OK actually, he doesn’t, and you are, actually, correct.
I don't think that this is not a bug but a feature. The latest ~30 builds of chromium and chrome act like this. And since the temp-downloaded file is not executable, I don't think it's a security problem.
I think it is convenient but since the file can be renamed or extracted it can be a problem. It would be better if they would place it in a temporary directory until the user confirms the download.
Correct. Do you have any idea, other than this, how to save or download a file without asking any permission?
I have not found an option to disable it.
Point is other browsers make temporary downloads in temporary folders. In the trash, not in the middle of legit files.
Opera does the same. I love it to be like that, sometimes you open in the background some download link and forget about it, it’s nice that the download is ready when I get back to that tab.
As for security, come on! you don’t even have a point there.
This is the same behavior as FF has. And I don’t think it’s that insecure. As you mentioned the file cannot be run by default, but can still be renamed. So to secure the method more maybe they should make it impossible to rename until you click save. I think it’s an easy solution to implement.