Google Chrome Is About to Start Blocking Downloads. Here's All You Need to Know
In keeping with its position as one of the leading IT companies of today, Google is one of the forerunners when it comes to taking global to improve online safety. Case in point - the company’s latest efforts are focused on warning Chrome users about “insecure” downloads in an upcoming version of Chrome. There are also plans for Chrome to outright block certain types of files from being downloaded by users in future versions of Chrome.
The announcement that Chrome is to gradually ensure that presumably secure (HTTPS) pages only download what it deems to be "secure" file types, and not any other sort of file, was made by a member of the Chrome security team, one Joe DeBlasio, in a blog post.
The rationale behind the update is that insecurely-downloaded files are a risk to users’ safety and privacy because they can potentially be swapped out for malware by attackers. Another reason that Joe DeBlasio gave for the update was that “eavesdroppers can read users’ insecurely-downloaded bank statements.”
This is the justification for the April 22, 2020 version of Chrome warning its users if they’re about to download “mixed content executables” from a secure website.
Those changes are to be introduced in Chrome version 82. When version 83 hits, those executable downloads will automatically be blocked, and the warning will be applied to archive files. The warning will be extended to include PDFs and .doc files in Chrome version 84. Audio, images, text, and video files will also trigger a warning in version 85. At the time of rolling out version 86, all of the abovementioned types of mixed content downloads will automatically be blocked.
As per the company’s announcements, the rollout of these Chrome security features for Android and iOS users will be delayed by one release, because mobile platforms have better native protection against malicious files. Thus, on mobile, the warnings in Chrome 83 so that Chrome’s developers can initially focus on working on desktop versions of Chrome.
While these measures are a solid step forward with regard to the online safety of Chrome’s users, it is important to keep in mind that this does not actually remove the possibility of them falling prey to malicious online attacks. The measures that Google is set to take over the next few Chrome releases will block off a couple of vectors of attack, but while this does boost overall user security, it does not guarantee it. Cybercriminals are always looking for ways to do harm or part users from their hard-earned cash, and the fact that Google and other similar companies are actively taking steps to make their “job” harder doesn’t seem to discourage them one bit. In fact, it seems to drive them to become even more inventive and ingenious.
Overall, Google’s proactive approach to this matter is praiseworthy, but it should not be taken by users as a cause to grow complacent. Just because Chrome has your back on this particular issue doesn’t mean that you should skip on other reasonable precautions that improve your online safety. Watching out for phishing attacks, not visiting suspicious websites or downloading dubious content, and employing updated anti-malware and security-boosting tools is still a must.