๐ Year one: progress in the fight against Unwanted Software
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: feedproxy.google.com
Posted by Moheeb Abu Rajab, Google Security Team
“At least 2 or 3 times a week I get a big blue warning screen with a loud voice telling me that I’ve a virus and to call the number at the end of the big blue warning.”
“I’m covered with ads and unwanted interruptions. what’s the fix?”
“I WORK FROM HOME AND THIS POPING [sic] UP AND RUNNING ALL OVER MY COMPUTER IS NOT RESPECTFUL AT ALL THANK YOU.”
Launched in 2007, Safe Browsing has long helped protect people across the web from well-known online dangers like phishing and malware. More recently, however, we’ve seen an increase in user complaints like the ones above. These issues and others—hijacked browser settings, software installed without users' permission that resists attempts to uninstall—have signaled the rise of a new type of malware that our systems haven’t been able to reliably detect.
More than a year ago, we began a broad fight against this category of badness that we now call “Unwanted Software”, or “UwS” (pronounced “ooze”). Today, we wanted to share some progress and outline the work that must happen in order to continue protecting users across the web.
What is UwS and how does it get on my computer?
In order to combat UwS, we first needed to define it. Despite lots of variety, our research enabled us to develop a defining list of characteristics that this type of software often displays:
- It is deceptive, promising a value proposition that it does not meet.
- It tries to trick users into installing it or it piggybacks on the installation of another program.
- It doesn’t tell the user about all of its principal and significant functions.
- It affects the user’s system in unexpected ways.
- It is difficult to remove.
- It collects or transmits private information without the user’s knowledge.
- It is bundled with other software and its presence is not disclosed.
- We now include UwS in Safe Browsing and its API, enabling people who use Chrome and other browsers to see warnings before they go to sites that contain UwS. The red warning below appears in Chrome.
- We launched the Chrome Cleanup Tool, a one-shot UwS removal tool that has helped clean more than 40 million devices. We shed more light on a common symptom of UwS—unwanted ad injectors. We outlined how they make money and launched a new filter in DoubleClick Bid Manager that removes impressions generated by unwanted ad injectors before bids are made.
- We started using UwS as a signal in search to reduce the likelihood that sites with UwS would appear in search results.
- We started disabling Google ads that lead to sites with UwS downloads.
- UwS-related Chrome user complaints have fallen. Last year, before we rolled-out our new policies, these were 40% of total complaints and now they’re 20%.
- We’re now showing more than 5 million Safe Browsing warnings per day on Chrome related to UwS to ensure users are aware of a site’s potential risks.
- We helped more than 14 million users remove over 190 deceptive Chrome extensions from their devices.
- We reduced the number of UwS warnings that users see via AdWords by 95%, compared to last year. Even prior to last year, less than 1% of UwS downloads were due to AdWords.