Google has introduced a new method to detect confusing and deceptive browser extensions on Chrome. In the next few weeks, Google will start using machine learning as an expansion of abuse protection to reduce harm to Chrome users. The search giant will upgrade its automated inline installation abuse detection features to find out malicious extensions.
The search giant already has an extension-level protection but it will now incorporate machine learning to look at each inline installation request for bad signals in ads and webpages. Once Chrome detects the signals, it will selectively disable the request and redirect users to the extension page on the Web Store. This will ensure that inline installation of the extension from non-deceptive sources is not affected.
In 2011, Google had introduced inline installation to enable users to easily install extensions from developers' websites. Earlier, when a user visited a particular website they had to navigate away in order to download an app or extension. However, after Google Chrome 15, users did not have to leave the site. But, the mechanism has been abused by attackers to trick users into downloading malicious extensions.
No comments:
Post a Comment