Google releases Suspicious Site Reporter extension for Chrome
Suspicious Site Reporter is a new browser extension by Google for the company's Chrome web browser that provides users with options to report sites to the company.
The extension has two main functions: to report sites to Google and to highlight if Google found anything suspicious about the site.
Suspicious Site Reporter adds an icon to the Chrome toolbar when you install it in the browser. The icon indicates when it detects something that it classifies as suspicious. A badge added to the icon indicates the number of issues detected on the page.
Not all of these issues are bad necessarily; imagine my surprise when Suspicious Site Reporter detected a issue on Ghacks. Turns out the site was flagged because it is not in the Top 5K of websites on the Internet.
The menu displays information that the extension collected about the site. The source code, which Google published on GitHub, highlights all alerts that the extension may display to its users:
- Domain uses uncommon characters (use of IDN).
- Not a top 5K site.
- Site was not visited in the past 3 months.
That's all that is checked by the application. The check for uncommon characters in domain names is arguably the most useful of the three as phishing sites may use IDN to look similar to the "real" site.
The panel highlights the data that will be submitted when users hit the "send report" button. Some data needs to be submitted, URL and IP address, while screenshots, DOM content, and the Referrer Chain are optional.
Suspicious Site Reporter is not particularly helpful at this point in development. The main reason for that is that it makes three checks currently that can't really be used to determine if a site is dangerous. While the uncommon domain name characters check is somewhat useful, the two other checks are not really. Google Chrome does protect against lookalike domains already, however.
Any site not visited by the user is flagged by the extension, and so are all sites that are not in the Top 5K.Â It needs to be noted as well that the extension does not protect you from sites.
Ultimately, it looks more like an effort on Google's part to collect data about sites visited by the user (if reported) than something that can really prevent users from interacting with dangerous sites on the Internet.
Google released another extension in 2015 called Password Alert which suffered from similar design choices.
Now You: do you use extensions like Suspicious Site Reporter?Advertisement