Google Chrome will soon throw security warnings at you that you cannot ignore
Google is changing how Chrome reports potentially malicious file downloads to the user. While the blocking algorithm is not changing, Chrome will display full screen security warnings to the user.
Google Chrome blocks file downloads that its Safe Browsing feature considers malicious. Whether these are indeed malicious or not is not always clear, as Safe Browsing may block access to files that are not.
Google has changed Chrome's Safe Browsing feature several times in recent history. Here are two recent changes:
- In September 2023, Google enabled real-time checks in Chrome's Safe Browsing feature.
- Also in 2023, Google added options to warn users about malicious extensions in Chrome.
Google changing how Chrome handles dangerous downloads
Soon, Google Chrome will display a different kind of warning when users attempt to download malicious files. First up is the blocking of the file download.
Chrome displays the download list and states "dangerous download blocked" in red letters underneath the download.
A click on the download reveals additional information. In the case of the test download, Chrome stated "this file is dangerous".
The only options at this point are to delete the download from the history and to click on a help link. Deleting the download from history removes it from the system.
The only option to resume the download is the following:
- Load chrome://downloads/ in the browser's address bar or select Menu > Downloads.
- Activate the menu icon next to the flagged file and select "download dangerous file" from the menu. Chrome throws a full browser window warning at you at this point.
- Select "continue anyway".
- Pick a reason for wanting to download the file. Chrome gives three:
- I created this file.
- I trust the site.
- I'm willing to accept the risk,
- Activate the download button.
It does not matter which reason you select, all lead to the download. Once you have clicked on the download button, Chrome will download the file to the local system.
To better understand how this differs from Chrome's current process, it is necessary to list it here.
Current versions of Chrome will also prevent the download and display only the delete history option in the download window. A click on the menu on the downloads page displays a prompt with an option to download the file.
In other words, there is no full page warning screen or the requirement to select a reason for downloading the file.
Closing Words
Whether this new barrier to downloading dangerous files will reduce the number of malicious downloads remains to be seen. It is surely adding complexity to the process and it feels strange that users have to select a reason for wanting to download the file, especially since all lead to the desired result.
There is still the option to use a different browser, if a particular download is not working properly in Chrome.
What about you? Do you use web browsers to download files or specialized download managers? Feel free to write a comment down below.
Spyware behind the security reason, they require confirmation to extract extra data from users.
Nanny state
is a term of British origin that conveys a view that a government or its policies are overprotective or interfering unduly with personal choice. The term likens such a government to the role that a nanny has in child rearing.
https://en.wikipedia.org/wiki/Nanny_state
Thank the Average Joe who clicked faster on a link faster on ignore UAC and faster on ignore that my cat can mouse mice.
I have a few questions for the idiots who added this feature to Google Chrome; are you an antivirus company? You don’t do anything except pay someone a salary to play with adding so-called malware to this worthless database.
Virus Total and antiviruses say that the files you call malicious are clean – who do you think you are, idiots?
Either shut down Virus Total (owned by Google) or stop this idiotic Google Safe Browsing nonsense (a complete disgrace).
Looking at the screenshots above, Google is blocking downloads from Nirsoft. Nirsoft for me is a trusted source for utilities that can come in very handy at times. Some of their utilities are considered “malware” because they can access information in the OS that MS, Google and others don’t want us to access. Yes, they could be used for nefarious purposes under rare circumstances, but why would I do nefarious things to my own computer?! No thanks for the “nanny nag”, Google.
This is exactly what these companies want. Total control over your device and data, with the warning “for your safety”.
Want to use Photoshop standalone, which you bought in 2019 because you’re tired of paying monthly subscriptions? You cannot since it is “potentially malicious”. Would you like to listen to your music offline? You can’t since you don’t have a Premium+Plus One Plus S subscription. What about the old film of your family? You cannot since you have not paid for the $120 annual codec subscription. That video you bought a year ago is no longer available in the catalog. You’re out of luck.
It will only become worse now that everything is being made into slow web-based crapware instead of native software.
They should have this warning instead:
“Are you sure you want to click through to this AI generated SEO gaming website that’s 100% garbage or worse yet ranked number one for your Google search?”
thats more or less dumbing down the users.
They should rename the browser to Google Coddle.
Yay! *eyeroll*
My favorite one is when any of the browsers block a genuine HP pdf document from downloading.
It’s usually “dangerous” without citation and merit.
Maybe goo should be telling everyone exactly why they think a specific file is not tolerated by them instead of badgering the unpaid by goo to do their work for them.
:::The real threat comes from those who scream the most and do the usual finger pointing.
Don’t use Chrome, use Brave instead, or one the many alternatives, Firefox, Waterfox, Vivaldi, Opera, Dragon, Ice Dragon to name just a few.
“Brave” – ah yes, let’s all use a botnet with crypto spyware.
They are asking the reason because it is data for them and they never miss an opperunity to collect data. If forced to give Google random information it asks for I always give it rubbish information.
There should be a 4th choice under “Tell us why…” and it should be “It’s none of your business”
This is why people who don’t want this turn Safe Browsing off, but then, of course you will get asked about ‘potential malicious downloads’ on every download, but it is better than dealing with weird Safe Browsing database which tends to fail for many popular downloads only because they are not signed or anything.
This is also why forks like Brave added chrome://flags/#brave-override-download-danger-level so people that know about it, will be able to enable the flag and forget about it, you won’t get any message when safe browsing is off which is the point of turn it off.
I think that flag should stay as a flag, because maybe these notices will make people stop downloading and clicking and navigating to bad sites, but I never trust Safe Browsing, but I guess “it is better than nothing”.
Huge pita, as always. Everyone’s a goo-goo gaga baby and nobody can think for themselves.
Help me nanny Google! Waah!
The giving a reason bit is especially cringy and something Google has no right to ask, I would say?
It’s just all funny because the algorithm that sets what’s “dangerous” or not obviously hasn’t got a clue, a bit like ChatGPT, just a confidence rating
I am really got tired about these nonsense advices because Google (and also Windows Smartscreen) don’t even have a serious complete list of trusted not common legitimate files, for example like some compilations of C++ Runtimes or some HP and ASUS BIOS updating files. Even once I received in the past some advices about 7z, Java x64, Fotosizer, Irfanview and more. There should be only once option: “do you want to continue the download?”. Period. Thanks for the article! :]
Imagine if Firefox was secure…
Imagine if firefox came without google safebrowsing, google trackers and their own telemetry and user profilers, or let you turn them off on mobile. Forkers of mobile firefox cant even remove it since it lies about being open-source.
Yes we should all switch to Yandex and Tusk
Is this snark? I hope so.
Sometimes you can download a positive trojan coming from some suspicious email, but not software labeled as “malicious” by Google/Microsoft (they hate software that blocks their telemetry or changes settings for the benefit of their users). In the end, they want to say what you can have or not.
@Mikhael,
Hit Ctrl+U to see where the origin of the email is and if it looks suspicious don’t open it which will prevent malware being downloaded.
As for Windows 11 it’s just a glorified adserver and best avoided like the plague. Same goes for Google.