Firefox’s Malicious Download Checker gets Bypass Option

Although false positives will inevitably continue to be a problem, this still seems like a step in the right direction …

Mozilla implemented Google’s Safe Browsing technology for downloads in Firefox some time ago. The feature checks downloads that you make in the browser using Google to determine if a file is malicious. The browser maintains a local copy of the blocklist and checks the file against that list to verify it. If it is flagged by Google, a blocked message is displayed in the download manager and the download is not saved to the local system.

Improving user protection in Firefox is certainly positive but the system is not free of issues. While Safe Browsing catches malicious files, it is plagued by false positives as well.

If you try to download a password program from Nirsoft for instance, a respected and acclaimed developer of Windows software, you will notice that some are blocked by Safe Browsing even though they are not malicious.

This raises validity concerns especially if Google’s own Virustotal service reports a program as clean. Even if some services report them as malicious, it does not necessarily mean that they are.

False positives are quite common and while Google is blocking downloads in Chrome as well, it offers an option to unlock the download to bypass the flag and get access to the file anyway on the computer.

Firefox up until now does not offer a bypass option. That’s a problem, especially if you know that a file is clean, trust the developer or want to continue because you know what you are doing.

Say, you download the file because you want to run it in a sandbox or a virtual machine. That’s perfectly fine but not possible currently if you are using Firefox because it does not offer a bypass option.

This changes in Firefox 39 which ships with an option to unblock files that were blocked by the browser.

firefox unblock download

The new feature becomes available when you right-click on a file in the browser’s download manager.

A click on unblock displays a confirmation prompt that claims that the file in question contains a virus or other malware which I dislike a lot because it is a claim that is not always true.

firefox unblock file

It reads:

Are you sure you want to unblock this file?

This file contains a virus or other malware that will harm your computer.

You can search for an alternate download source or try to download the file again later.

The message is not overly helpful. First and already mentioned, it claims something that may not be true all the time.

Second, if you have downloaded the file from a trusted source, downloading it from an alternate source or again won’t fix a thing.

Considering that this just landed in Nightly versions of Firefox, it may be reworded before it is released in stable versions of the browser.

All in all though, it is a good thing that the unblock option comes to Firefox even though I wished it would have landed with the feature and not months later. (via Sören)

Link to Original Content

Tags: , , , , ,

Comments are closed.