Users are indignant that Chrome scans files on a local disk.

    Last week, individual users of the Chrome browser raised the alarm . The Sysinternals diagnostic utility revealed that the chrome.exe process reads files on a local disk. The nature of the process activity makes it clear that chrome.exe most likely performs antivirus scanning. But why does the browser do this work? Some were outraged that Chrome started this without notice - and did not even ask permission to access the My Documents folder. In our time it looks extremely suspicious.





    Information security specialist Kelly Shortridge (Kelly Shortridge) from SecurityScorecard writes : according to the logs, such browser activity has been noticed since last fall.

    Kelly herself found the answer in the Chrome Help Center, where the mechanism for removing malicious software using Chrome is indicated.

    According to the help, to remove viruses from your computer, do the following:

    1. When Chrome prompts you to remove unwanted programs, click Delete. After that, Chrome will eliminate the malicious software or extension, and will return the modified settings.
    2. If you are asked to restart the computer, click "Restart".

    In other words, the antivirus is already integrated into the Chrome browser and works.

    “Now I understand why my computer [Windows 8] has been so often lately, Kelly writes . “I used to google error codes and get advice to get rid of left-wing antiviruses, but so far I thought that I don’t have these ... your mother.”

    Indeed, back in October last year, Google announced upcoming browser updates, including the addition of the basic Chrome Cleanup Tool for Windows developed by the antivirus company ESET.

    Antivirus works as follows. It searches the system for malicious software that adversely affects the browser (for example, changes the home page and other default settings). It then sends file metadata to Google, including some system information. And then prompts the user for permission to delete the file. The user is prompted to refuse to send reports to Google.



    The work of Chrome antivirus seems to be well-intentioned, aimed at protecting the user. But the messages on Twitter Kelly Shortridge caused a considerable resonance. Nowadays, amid scandal with Facebook user data leakage, such news is really unpleasant.

    “No one likes surprises,” saysHaroon Meer, founder of information security consulting company Thinkst. “When people are afraid of Big Brother, and technical giants go too far ... then the browser, fumbling over personal files to which it has nothing to do, will surely cause alarm.”

    Naturally, after the hype raised, Google had to make excuses. Justin Schuh, head of Google Chrome security, acted as the “devil's advocate”. He explainedthat the only purpose of the Chrome Cleanup Tool is to detect and remove unwanted software that manipulates Chrome. The specialist explained that the program runs only once a week under normal privileges (that is, it cannot penetrate deeply into the system) and works in a sandbox (that is, isolated from other programs). And in general, the ability of Chrome to scan files on a user's computer has long been registered in a privacy document .

    Justin Shukh added that at the moment Chrome does not have settings for disabling antivirus, because historically it is known that such settings are amenable to manipulation by malware. The security department is already thinking how to solve the problem.

    But this did not reassure people. As a professor and well-known information security expert Matthew Green aptly noted : most people "were just a little awesome that Chrome started digging into their underwear drawer without permission."

    Obviously, in the current environment, such tools should act more carefully. According to experts, the antivirus built into Chrome did not do anything special, and if someone really cares that Google has access to the metadata of some files, then why did it install the Chrome browser at all?

    Also popular now: