There is a reason why it has been advised that users should not visit suspicious looking websites or click on suspicious links. Google has recently attempted to educate users on the dangers of that where these links could try to get users to give up their passwords to their banks and so on.However there is also the danger of these websites running malicious JavaScripts where it would automatically force a download on the user, also known as “drive-by-downloads”. However this is something that Google is hoping to prevent as well because in a report from Bleeping Computer, Google is building protection against such practices in upcoming versions of Chrome.
This was actually detailed by Chromium’s Yao Xiao in a public Google Docs document where it was written, “Content providers should be able to restrict whether drive-by-downloads can be initiated for content in iframes. Thus, we plan to prevent downloads in sandboxed iframes that lack a user gesture, and this restriction could be lifted via an ‘allow-downloads-without-user-activation’ keyword, if present in the sandbox attribute list.”
This sounds like it would be an immensely useful tool at protecting users who might not otherwise be aware that such dangers exist. There is no word on when the feature is expected to be released, but we’ll keep an eye out for it.
Image source – Maxpixel.net
Filed in . Read more about Chrome, Google, Hack and Security.