Google Chrome safe browsing API a tad suspicious
By George V. Hulme, CSO | Feb 13, 2012
From the start, Google's Safe Browsing API was designed to spot malicious web pages so users wouldn't get trapped in them. Google identifies these sites through its own algorithms and user notification.
Google Chrome isn't the only browser to do this. FireFox and Safari rely on the lists made available in the Safe Browsing API, and Microsoft has its Application Reputation with Internet Explorer, which essentially does the same thing.
This week, NSS Labs, a firm that specializes in the testing of security systems, found something in its monitoring that just didn't feel right.
According to NSS Labs, during the most recent period of testing, Nov. 21, 2011 through Jan. 5, 2011, they observed what appears to be a significant change in malicious website protection when contrasted with historical data. According to their report, "Did Google Pull a Fast One on Firefox and Safari Users?", Chrome's protection rate rose to more than 50 percent before falling back down to 20 percent, while at the same time the Firefox and Safari block rate remained stuck at 2 percent and then suddenly jumped to 7 percent on the same day Chrome's protection precipitously dropped.
The types of attacks NSS Labs evaluated during this period are what it calls "socially engineered malware," or malware that is downloaded by the user from the web. The lab will be testing so-called drive-by download attacks in a later report.
"Google has made very public statements that they don't withhold any data from their Safe Browsing API, so what could explain the results?" asks Vikram Phatak, chief technology officer at NSS Labs.
Perhaps it's the undocumented functionality NSS Labs believes Google has integrated into Chrome, but not Firefox or Safari.
Accelerating the Deployment of the Evolved Cyber Range
Ixia BreakingPoint creates an Internet-scale cyber range environment from a single 7-inch-high device for arming and training cyber warriors. Learn how BreakingPoint can be used by organizations to defend national interests by assessing, educating, and certifying elite cyber warriors and equipping those forces to harden the resiliency of critical network and data center infrastructures.
A Six-Step Plan for Competitive Device Evaluations
This paper presents a six-step methodology for conducting competitive product evaluations that provide advance insight into the performance, security, and stability of devices within production network and data center environments. Following this will give insights on how to evaluate and select the network or security devices for Enterprise, Federal, and Carrier Infrastructures
A Case Study of Eurograbber: How 36 Million Euros was Stolen via Malware
This is a case study about a sophisticated, multi-dimensional and targeted attack that stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks across Europe.
Symantec, Singapore school partner to nurture next-generation security talents
Symantec Corp. and the Singapore Management University will jointly train and equip IT security professionals with the latest knowledge and skill sets in information security.