How to deal with "may be dangerous" download prompts in Chrome

Martin Brinkmann
Nov 10, 2021
Google Chrome
|
26

I tried to download the latest Ventoy release recently from the project's GitHub repository. Chrome, the browser that I used at the time, displays a notification in the download panel at the bottom of the browser window.

chrome may be dangerous

It stated that the downloaded zip file could be dangerous and asked me whether I wanted to submit it to Google for scanning.

FILENAME may be dangerous. Send to Google for scanning?

ADVERTISEMENT

The only option that Google Chrome displayed at the time was a send button. There was a down arrow next to it, which, when activated, would display additional options.

The following options were presented:

  • Scan file -- which does the same as send.
  • Discard -- deletes the downloaded file immediately, without scanning.
  • Open now -- did not open the file, but removed the "send" message and unlocked the file on the local disk.
  • Show in folder -- opens the folder the file was downloaded to.
  • Cancel -- deletes the file on the local system as well.

A quick check of the chrome://downloads management page displayed only two options for the file.

ventoy dangerous

Discard would delete the downloaded file again, which Chrome locks until the user makes a decision, and keep would unlock it so that it can be interacted with on the local device.

So, what is the best option to deal with the prompt? You could pick the "send" or scan file" options to get it scanned by Google. Google checks the file and will unlock it automatically if the scan does not turn up anything malicious.

Some users may prefer not to send files to Google, e.g. when the files are personal in nature or if files should not be shared for other reasons. In that case, it is best to either select the "open now" option or, better in my opinion, the "keep" button on the chrome://downloads page.

In case Google Chrome is continuing to put stones in the way, you may want to consider using a different browser or a download manager to download files from the Internet. Suitable candidates include Free Download Manager, or the commercial, but worth every penny, Internet Download Manager.

Now You: which program or browser do you use for downloading?

 

Summary
How to deal with
Article Name
How to deal with "may be dangerous" download prompts in Chrome
Description
Find out how to handle the "may be dangerous" prompts that Google Chrome displays when you download certain files on the Internet.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Paul(us) said on November 10, 2021 at 4:47 pm
    Reply

    Today it was announced that the European Commission has rightly imposed a fined to Google of more than 2.4 billion euros Euros for abuse of power.

    This has been ruled by the General court of the European union in Luxembourg.
    Google had contested the fine imposed.

    The case revolves around Google Shopping, a price comparison service.
    Anyone who searches for a product via Google searches for a product,automatically receives
    a list of sponsored articles.
    According to the European Commission Google is thereby putting its own service ahead of
    ahead of other price competitors.

    The EU also demanded adjustments to Google shopping.
    Other competitors can also be in the shop window since then.

    Maybe it’s also a good idea that the European union also takes a very close look at this kind of according to Google dangerous download estimation behavior.
    It is currently the case that the butcher is judging his own meat.
    For that you have to have a separate inspection service of goods.
    Why shouldn’t the European union create them?

    1. ddk said on November 10, 2021 at 6:12 pm
      Reply

      Europe appears to be more stringent & on top of issues (abuses & annoyances) like that.
      Here is the US, it’s all about $$$$$, profits and executive bonuses.
      Government allows and even encourages shady business practices by Google, MS and others.
      After all, from those mega corps is where politicians get their bread buttered every election cycle. (plus kickbacks)

      1. B E said on November 10, 2021 at 7:20 pm
        Reply

        The EU is responsible for creating the largest annoyance on the web. Stupid cookie acceptance popups on every single website because of their own ignorance about cookies. If this is what being “stringent & on top of issues” looks like, I’d prefer they just fuck off.

      2. DrKnow said on November 10, 2021 at 11:49 pm
        Reply

        That’s a misconception about the cookie directive.

        Cookies are allowed for the proper running of the site ie strictly necessary cookies. Consent ISN’T require for these.

        It’s website owners lack of understanding and/or abuse of cookies that is the issue not cookie acceptance prompts.

        Cookies are allowed for the proper running of the site ie strictly necessary cookies. Consent ISN’T require for these.

        Where it goes wrong is website owners either misinterpret the rules and have a popup for everything or start adding cookies that can be used to track you.

        What the legislation should have done is allow browsers to pass flags to a site to limit what cookies can be used. These obviously need further consent when for example setting up an account for on-line shopping etc.

      3. Trey said on November 10, 2021 at 11:13 pm
        Reply

        @ddk
        Why doesn’t the EU just promote alternate search platforms? No-one is being forced to use Google. They may be ignorantly using it, but come on… Why do you need the all-knowing central gov’t to be your mommy?

      4. DrKnow said on November 11, 2021 at 2:53 am
        Reply

        What a completely clueless reply. A little bit of thinking is required.

      5. Jerry said on November 11, 2021 at 12:55 am
        Reply

        @ddk
        imagine believing that EU is somehow good, the less democractic organization takes decision over people who didn’t vote for the, people who barely know the bankers and business people that run the criminal and undemocratic European Union.
        I feel bad for you, and then you blame Google and Microsoft and then talk about “companies want to make money” when PEOPLE are actually the one giving them power, look how crazy people are about win11 even if it has restrictions and TPM and all that, what about Chromebooks, Android, Gmail, Youtube, Search? do you blame Google because people use them and made them so powerful they can do whatever they want? It is like complaining about Amazon when people can just ignore amazon and go and buy their stuff in a local store and support small business….

        Government job shouldn’t be get in the middle of anyone’s business or people’s lifetyle, are you one of those that think rich people should pay more?

        Obviously big corportions probably make a bunch of shady and criminal activties but I doubt you and anyone else can prove them, but pretending that Government have to fine and regulate companies and make excuses like “monopoly” to fine people like happened with Microsoft, it is just not smart.

        You are complaining about the power those corportations and big tech, silicon valley has… yet, you want to give government more and more power to get in everyone’s life, amazing way of thinking!.

      6. Fireview said on November 11, 2021 at 9:33 am
        Reply

        Jerry, how’s the weather in Russia? Of course we expect the EU to deal with trivial stuff like that, life is easier. Do you build your own roads? Same with global warming or pollution for example, let the EU regulate the corporations, the only undemocratic things in the EU are Hungary and Poland.

    2. Stan Pines said on November 10, 2021 at 11:23 pm
      Reply

      Maybe the EU should create a Great Firewall and develop their own set of approved apps and websites or even make it mandatory to use them for you “safety”. Sounds like Paul(us) paradise.

    3. Anonymous said on November 10, 2021 at 11:38 pm
      Reply

      Time for both Apple and Microsoft to get the same fine for abuse of power.

    4. No Thanks, Five Eyes said on November 11, 2021 at 12:52 am
      Reply

      Europe still silent about Google’s spying and data theft.

  2. BM said on November 10, 2021 at 5:16 pm
    Reply

    Similar popup when downloading shared files on Google Drive.

    If the file is bigger than Google’s threshold, it will flag the file as potentially dangerous (as it is “too big” to scan for viruses – incidentally, VirusTotal has absolutely no problem scanning such files, using the Google Drive link, no less).

    I think Google lowered the threshold as I frequently share files for the past few years and it is only lately that I’ve been getting questions back from those I shared them with about this.

    They are less technically sophisticated so “trust” Google to protect them. I end up having to educate them and giving them a link to VirusTotal to check for themselves.

    If anything, I’d guess that Google just doesn’t want to expend the resources, as I can imagine it is several $Millions. A “free” service that gets cut back – haven’t we seen this before?

    1. The Hookwinked Owl 367 said on November 10, 2021 at 9:37 pm
      Reply

      brave could hijack that popup to push more unwanted batcrazy crypto adverts

  3. Anonymous said on November 10, 2021 at 9:01 pm
    Reply

    “Some users may prefer not to send files to Google”

    This is naive. Assuming it’s probably even worse in Chrome, let’s study how Google’s Download Protection works in Firefox:

    https://old.reddit.com/r/firefox/comments/cttqli/this_file_contains_a_virus_or_malware_is_this/

    “Firefox told Google that you were downloading this and Google told Firefox that it was malware.”

    That happened automatically without a prompt. Google knows what URL the file was downloaded from. And this happens for a large percentage of downloaded files, not just programs, Mozilla has been inclusive for non-binary ones too, read the discussion.

    Note the very high number of downvotes for that correct answer. Note the incredulity reply too from the typical privacy interested user until now abused by Google’s Mozilla’s propaganda about it liking privacy and fighting Google, “vat ?”, which was then removed. This time we were lucky, moderation let the “community” do the job.

    Note then the confirmed Mozilla employee who denies that this is how it works. So we have already three layers of denial here to hide the facts. Someone insists that this is correct and the employee gives quotes a non relevant part of a technical reference that actually confirms what was said. Fourth layer of denial.

    And don’t think that this was unusual. Just an ordinary day at Google’s Mozilla. Those who have practiced them a little know what I am talking about.

    Google’s Mozilla, the “fact checking” reference. The sworn enemy of fake internet content. By the way they opened a new study which I hope is only opt in and not one of their opt-out ones, which collects your detailed browsing history to check if you read fake or true facts as defined by Google’s Mozilla, so if you have time to have a look at that don’t forget to use another browser.

    Later, they removed the ability to disable Google’s Download Protection from mobile Firefox. Like that was not already bad enough that it was enabled by default.

    1. Anonymous said on November 10, 2021 at 10:14 pm
      Reply

      “Assuming it’s probably even worse in Chrome”

      Not so sure after all, quote from bugzilla in that link:

      “effectively the privacy story of Firefox is worse than Chrome here (!).”

    2. ULBoom said on November 11, 2021 at 3:53 pm
      Reply

      Safebrowsing can easily be disabled in FF desktop and Focus. Not sure about phone FF since it’s a bloated mess and I haven’t tried it in years.

      Unless I’m the only one on the planet who knows how. Uh, No, it’s simple.

  4. Anonymous said on November 10, 2021 at 9:19 pm
    Reply

    More details:

    https://www.mozilla.org/en-US/privacy/firefox/#security

    “Firefox sends basic information about unrecognized downloads to Google’s SafeBrowsing Service, including the filename and the URL it was downloaded from.”

  5. Anonymous said on November 10, 2021 at 10:13 pm
    Reply

    I don’t understand what the fuss is about. I use a sandboxed browser, ‘keep’ the file and upload to VirusTotal. If happy with the result it gets moved from the Sandbox.

    I wasn’t happy with ithttps://www.virustotal.com/gui/file/35ea0f62746e069249e9fb18f4d3339966b31b0ee5fbc12508c88bc5965ee9f7/detection/f-35ea0f62746e069249e9fb18f4d3339966b31b0ee5fbc12508c88bc5965ee9f7-1636566210

  6. John G. said on November 10, 2021 at 10:38 pm
    Reply

    @Martin I was able to download it with a button that shows ‘save’ option. :0
    > Chrome/95.0.4638.69
    > https://a.uguu.se/wdQvsCp.jpg

  7. Tom said on November 11, 2021 at 12:43 am
    Reply

    Your complaint is weird when even Firefox uses SafeBrowsing, that means if you downloaded the file with safebrowsing on, it would also get a warning.
    All Chromium use safebrowsing but Microsoft, but it does the same thing, it will display you a warning if the file is new and not whitelisted.
    You can turn it off and then get the warning in all downloads you make, using safebrowing will stop the warning in some but you are sharing data with Google which I don’t want, not even on Brave that proxies the connection I use safebrowsing.

    So I don’t understand the problem, all browsers suffer these type of things, of course, Chromium browsers will probably warn you and being annoying about every download but that’s better than safebrowsing.

  8. neil said on November 11, 2021 at 1:54 am
    Reply

    IDM isn’t that great – i asked there support about md5 checking as part of download and nope didn’t do which i required within role of getting large files daily

    1. ULBoom said on November 11, 2021 at 3:42 pm
      Reply

      IDM’s very fast but I don’t trust the privacy claims they make. I could make a list of their weirdnesses but not being able to disable checking for updates without registry hacks is near the top.

      At least I’ve never found a turn off switch. I have a lifetime license and use the software quite a bit, it’s just a bit strange.

  9. more cushion for the pushin said on November 11, 2021 at 10:35 am
    Reply

    UGet (https://ugetdm.com/) which has a lot of options and a nice GUI, or wget (https://www.gnu.org/software/wget/) for the command line.

    Now as far as virus concerns, there are plenty of antivirus programs, both local and remote which allow for scanning, some which include using YARA (https://virustotal.github.io/yara/) which the user can also do, but locally this is for the command line and I won’t explain further. There are simple tutorials on how to use YARA on the web. I don’t trust a suspected file based on AV alone, using YARA with relevant rules is simply a must.

  10. ULBoom said on November 11, 2021 at 3:35 pm
    Reply

    Chromia (maybe they picked this up from IE) continues with ridiculous download behavior, the things mentioned here plus leaving the downloaded file box in the bottom of the browser window, not like the top bars aren’t way too big.

    For the majority of users, a check on downloads could be a good idea but there should be, in the layer upon layer of settings, a switch for turning off this junk. AV’s scan files on download and opening anyway.

    Google Safe Browsing has uses if you trust it, but no way can Google even fake privacy with this download check. Seems like a sleazy way to scrape more user data.

  11. common sense computing said on November 12, 2021 at 5:17 am
    Reply

    ungoogled chromium, librewolf, or bust

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.