Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

[steven36]

Some cybersecurity experts and regular users were surprised to learn about a Chrome tool that scans Windows computers for malware. But there’s no reason to freak out about it.

 

 

 

The browser you likely use to read this article scans practically all files on your Windows computer. And you probably had no idea until you read this. Don’t worry, you’re not the only one.

 

Last year, Google announced some upgrades to Chrome, by far the world’s most used browser—and the one security pros often recommend. The company promised to make internet surfing on Windows computers even “cleaner” and “safer ” adding what The Verge called “basic antivirus features.” What Google did was improve something called Chrome Cleanup Tool for Windows users, using software from cybersecurity and antivirus company ESET.

 

Tensions around the issue of digital privacy are understandably high following Facebook's Cambridge Analytica scandal, but as far as we can tell there is no reason to worry here, and what Google is doing is above board.

 

In practice, Chome on Windows looks through your computer in search of malware that targets the Chrome browser itself using ESET’s antivirus engine. If it finds some suspected malware, it sends metadata of the file where the malware is stored, and some system information, to Google. Then, it asks you to for permission to remove the suspected malicious file. (You can opt-out of sending information to Google by deselecting the “Report details to Google” checkbox.)

 

Last week, Kelly Shortridge, who works at cybersecurity startup SecurityScorecard, noticed that Chrome was scanning files in the Documents folder of her Windows computer.

 

“In the current climate, it really shocked me that Google would so quietly roll out this feature without publicizing more detailed supporting documentation—even just to preemptively ease speculation,” Shortridge told me in an online chat. “Their intentions are clearly security-minded, but the lack of explicit consent and transparency seems to violate their own criteria of ‘user-friendly software’ that informs the policy for Chrome Cleanup [Tool].”

 

Her tweet got a lot of attention and caused other people in the infosec community—as well as average users such as me—to scratch their heads.

 

“Nobody likes surprises,” Haroon Meer, the founder at security consulting firm Thinkst, told me in an online chat. “When people fear a big brother, and tech behemoths going too far...a browser touching files it has no business to touch is going to set off alarm bells.”

 

Now, to be clear, this doesn’t mean Google can, for example, see photos you store on your windows machine. According to Google, the goal of Chrome Cleanup Tool is to make sure malware doesn’t mess up with Chrome on your computer by installing dangerous extensions, or putting ads where they’re not supposed to be.

 

As the head of Google Chrome security Justin Schuh explained on Twitter, the tool’s “sole purpose is to detect and remove unwanted software manipulating Chrome.” Moreover, he added, the tool only runs weekly, it only has normal user privileges (meaning it can’t go too deep into the system), is “sandboxed” (meaning its code is isolated from other programs), and users have to explicitly click on that box screenshotted above to remove the files and “cleanup.”

 

In other words, Chrome Cleanup Tool is less invasive than a regular “cloud” antivirus that scans your whole computer (including its more sensitive parts such as the kernel) and uploads some data to the antivirus company’s servers.

 

But as Johns Hopkins professor Matthew Green put it, most people “are just a little creeped out that Chrome started poking through their underwear drawer without asking.”

 

That’s the problem here: most users of an internet browser probably don’t expect it to scan and remove files on their computers.

 

When reached out for comment, a Google spokesperson redirected me to the blog post from last year and Schuh’s tweets.

 

A section in Chrome’s Privacy Whitepaper explains that “Chrome periodically scans your device to detect potentially unwanted software.” That exact language has been there since at least January of 2017, according to archived versions of the whitepaper. And similar language (“Chrome scans your computer periodically for the sole purpose of detecting potentially unwanted software”) has been there for even longer.

 

Martijn Grooten, the editor of Virus Bulletin and organizer of one of the premiere antivirus conferences in the world, told me in a Twitter chat that the behavior of the Chrome Cleanup Tool was “sensible.”

 

“For almost all users, this seems really harmless, and for those who are extremely concerned about Google seeing some metadata, maybe they shouldn't be running Google's browser in the first place,” he said.

 

This story has been updated to include a quote from Kelly Shortridge.

 

Source

[knowledge-Spammer]

never use this program but maybe firefox do the same thing ?

[steven36]

3 minutes ago, knowledge said:

never use this program but maybe firefox do the same thing ?

No Firefox  is open source   , If you want a chrome  without a scanner you need to use chromium browser or a fork . It's only in Google Chrome. 

[capt_blake]

https://twitter.com/ronindey/status/980905911089758208

I think so too. similarly.

 

[knowledge-Spammer]

so  Chome do more then firefox  like

default setting scans downloaded files automatically, using a standard anti-virus application to help safeguard your system security  ?

[mclaren85]

1 hour ago, knowledge said:

never use this program but maybe firefox do the same thing ?

What do you use for browsing?

You can use yandex. It also has chromium features

[knowledge-Spammer]

8 hours ago, mclaren85 said:

What do you use for browsing?

sometimes is yandex or firefox 

[mclaren85]

Also keep in mind that Tor browser always uses custom built firefox which make me think that it could be the safest.

[Avitar]

But isn't this a good thing? A MD5 checksum can't be used to regenerate a file without exhausting 2^128 combinations. And the amount of monkeys using a browser nowadays and running the MacAFee that came with their computer, it's like herd immunity and stupidity protection.

[Rico69Suave]

https://secured.fyi/browser.html Can be useful for you people  (also you can read other categories like VPNs/Emails/Password managers and etc)

 

Tip: After years of Chrome/Firefox/Opera use, now (and after a month) i choose Vivaldi as my only browser and i really like it.

[Sylence]

Eset sucks, Windows defender already does the job a lot better than 3rd party antiviruses.

Microsoft Edge is a better alternative than Chrome forks or Firefox and it's faster, also syncs data and supports ublock add-on, with Cortana on Android you can send open tabs and more to the desktop version too.

 

but, looks like this Chrome's antivirus isn't preinstalled, there is a download page for it which is optional: https://www.google.com/chrome/cleanup-tool/

 

[DKT27]

Wait, scanning in the Documents folder by an optional AV tool, why is that an issue, any AV scanner would do that.

 

The bigger issue which no one talks about, which last time I checked was still the same, is that Chrome installing in the Appdata folder without user permission so that I can go through all the permissions required to run the software. I do not know if they fixed it or intend to do so.

[capt_blake]

1 hour ago, DKT27 said:

by an optional AV tool

I don’t see it being optional.
You can download and install the Chrome Cleanup tool separately (i.e., without installing chrome).
But if you install Chrome, you get the “feature” bundled into the browser.
Announced on Oct 16, 2017. Am I right?
“We’ve begun to roll this out to Chrome for Windows users now. Over the next few days, it will help tens of millions of Chrome users get back to a cleaner, safer web”
https://blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/
And it’s a big issue (for one thing – cloud AV component, ESET, pfu, part of a browser)…and a lot more.
Technically it’s a horrible idea. For a moment I didn’t believe this is true.
Do you remember the Chrome Software Reporter Tool (I forgot it), part of the Chrome Cleanup Tool.
How this sounds…:)
Blocking it truly reduced the CPU load in a Windows environment I used (it’s idiotic to even need to do this, I think. But I don’t care much).
https://www.ghacks.net/2018/01/20/how-to-block-the-chrome-software-reporter-tool-software_reporter_tool-exe/

[capt_blake]

1 hour ago, capt_blake said:

And it’s a big issue

 

1 hour ago, capt_blake said:

Technically it’s a horrible idea.

I put this too harshly. I'm sorry.
Some users may appreciate it, benefit; obvious.
I like simple things. Cant fully grasp the tendency for "leave it all to us, don't think, digest happily" products/solutions.
Again, it's just software. Spring and sunshine...
#getoutside

[Radpop]

I remember something about why 'Chrome Cleanup Tool' came. Chrome was using a lot resources and crashing, not as much as Firefox, but still too much and too often. Chrome Cleanup Tool's important task was to scan and remove software that may cause problems with Chrome, such as crashes, unusual startup pages or toolbars, unexpected ads you can't get rid of, or otherwise changing your browsing experience. This tool was one weapon against this useless or harmless 3rd party scrap which accumulates to inepts browsers and computers, and now this tool's better version is inbuild in Chrome.

 

Maybe freaks are freaking,  but we ordinary people are winning. 

[capt_blake]

4 hours ago, Radpop said:

Maybe freaks are freaking,

https://www.youtube.com/watch?v=QM6SNrmH0r8

cheers.