You’re browsing the web, checking out the latest news on your favorite band, when suddenly you see a red warning screen: “The site ahead contains malware.” These warnings aren’t new—since 2006, Google Safe Browsing has shown them when you navigate to an unsafe site. The warnings protect you from harms caused by unsafe sites, such as malware infections and phishing attacks. But it hasn’t always been clear why a specific website triggers a warning, and you may want to learn more.
To demystify these warnings, we’re launching a Site Status section in the Transparency Report. The next time you come across a Safe Browsing warning, you can search for the blocked website in the Transparency Report to learn why it’s been flagged by our systems.
The new Site Status section of the Transparency Report replaces our previous Safe Browsing diagnostic page. It includes a clearer interface and simpler explanations of the issues, such as details for sites that host unwanted software. We’ve added it to the Transparency Report so that the Safe Browsing section of the report is a one-stop shop for information to help you understand what Safe Browsing is and how it works.
If a favorite website shows up as “dangerous,” it’s often due to user-uploaded bad content or a temporary malware infection. The Site Status will return to normal once the webmaster has cleaned up the website. To help speed up this process, we automatically give the webmaster a heads-up about the problem via Search Console; if you use Google Analytics, we’ll also warn you there if your site has malware on it. (Webmasters, check the help center to learn how to remove malware from your websites.)
We’re constantly working to keep users safe and informed online. Visit the updated Site Status section in the Transparency Report to experience it yourself.
Posted by:
Adrienne Porter Felt, Chrome Security Engineer and Warning Wizard
Emily Schechter, Safe Browsing Program Manager and Menace to Malware
Ke Wang, Safe Browsing Engineer and Developer of Defense
Today, we introduced a new Chromecast and its partner-in-crime, Chromecast Audio. Chromecast has faster performance, a new design and is available in three colors. Chromecast Audio is a small device that plugs into your existing speakers, so you can stream your favorite tunes from your phone, similar to Chromecast.
We’re also introducing an easier way to find what to watch through the redesigned Chromecast app. Now, you can go to a single place to browse or search content from across apps you already use. The Chromecast app is available on Android starting today and rolling out to iOS over the coming weeks.
Chromecast has the most comprehensive collection of apps globally with millions of entertainment options. Here’s just a few:
It’s fall premiere season-- catch up on your favorites. Chromecast can help you burn through the last season of Homeland on Showtime before the next season premieres in October. Or choose from over 200,000 TV shows and movies from favorites like Netflix, Google Play Movies, HBO Now, Hulu, CW Seed, WatchABC and WatchDisney, with SlingTV coming soon.
Never miss your favorite sports game. With recently-launched NFL Sunday Ticket by DirecTV, you can cast live games (even those that aren’t nationally televised) to the TV. Check the scores and stats from the mobile app while watching the action live on TV. Chromecast works with WatchESPN, MLB At Bat, CBS Sports and many others. NBA, NHL and BTN2Go are coming soon.
Score a last-minute party playlist. You’re throwing a party and forgot to make a playlist. With Chromecast Audio, anyone in your house (and on your WiFi) can DJ using their phone to cast to the speakers—no additional pairing or set up necessary. Choose from over 35 million songs on Spotify, Google Play Music, Pandora iHeartRadio and more.
Give game night a twist. Turn your TV screen into a race track, golf course or dance floor. Chromecast takes popular mobile games and brings them to the big screen. Anyone can join in, using their Android phone or iPhone® as a game controller. Soon, we’ll be adding Angry Birds Go!, WGT Golf, and Driver Speedboat Paradise. Available now are classics like Just Dance Now, Catch Phrase Blitz, and Scrabble Blitz.
Relive the weekend. Before you completely dive back into the real world on Monday morning, share your weekend memories. With Google Photos, cast any picture from your albums to the TV for a bigger picture, while using your phone to swipe to the next one.
You can also turn your TV screen into a picture frame filled with photos from Facebook, Google Photos, Flickr, Getty Images, 500px and more. Visit chromecast.com/backdrop to find out more.
Cast the morning news. With Chromecast Audio, cast talk shows like NPR One to your bedroom speakers while you're getting ready for work.
Enjoy some sweet offers. Once you’ve purchased and set up a Chromecast, you’ll find a few special offers waiting for you:
90 days of free music from Google Play
free 1 month trial of CBS All Access
free movie rental from Google Play
three-month free trial of Rhapsody
30 days of access to Crunchyroll Premium.
Visit chromecast.com/offers* to learn more.
Your phone is bursting with entertainment. With Chromecast and Chromecast Audio, you can enjoy your content on the biggest screen and best speakers in the home.
Post by Shanna Preve, Director Global Content, Chromecast
* Terms apply. For more information, visit chromecast.com/offers. Please note that some of the apps referenced above require subscriptions.
Speed is one of the founding principles of Chrome. As the web evolves and sites take advantage of increasing capabilities, Chrome’s performance—how fast pages load, how smooth scrolling is, how much memory is consumed, and how long your battery lasts—becomes even more important. So in the latest release of Chrome we’ve included a ton of improvements to make your browsing use less memory and power. Chrome has long had the option to “continue where you left off” by restoring tabs when you relaunch Chrome. Now, Chrome is smarter about restoring your tabs more efficiently. Tabs are restored from most to least recently viewed, so you get to see the most important tabs faster. And Chrome will now detect if your computer is running low on resources and stop restoring the rest of your tabs to save you precious memory. You can always click to restore them if you'd like to access them later. We’ve also introduced another memory-saving technique. Chrome can now detect when a webpage isn't busy with some other task, and use the free time to aggressively clean up old, unused memory. In practice we found that this reduced website memory usage by 10% on average, but the effect is even more dramatic on complex web apps. With Gmail, for example, we can free up nearly a quarter of the memory used by the tab.
After being idle for a short time, Chrome 45 (right) frees up nearly a quarter of the memory it was using for Gmail, a significant improvement compared to Chrome 43 (left). Video is sped up 8x.
We’ve also made changes to Chrome to improve power usage. A new setting introduced in June will auto-pause Flash content that's not central to a website. Our testing has shown that turning on this setting makes your battery last up to 15% longer depending on your operating system, so over the next few weeks we'll begin turning on this feature by default for all users. This latest version of Chrome includes the most recent wave of performance updates, but there's much more in the works for upcoming versions of Chrome. So get ready for faster, even more powerful browsing! Posted by Ryan Schoen, Product Manager and Performance Promoter
Summer is the perfect time to get together with friends, watch TV shows, movies and play some games. Starting today, you’ll find either new cast-enabled apps for Chromecast to enjoy on the big screen.
From Khaleesi to Hannah Horvath: your favorite HBO® shows are now casting
Fans can catch up on Game of Thrones® and other favorites, tune in live for new episodes of Ballers(sm) and True Detective® or catch up on every season of Girls®. HBO NOW(sm), the new standalone subscription service from HBO®, allows you to stream shows at the same time they air on TV without a cable subscription.
More family-friendly games
We’re always looking for new and innovative ways to use your phone as a remote or game controller, which has lead us to new social games like FitFlap and Catch Phrase Blitz.
FitFlap, by BreakFirst, uses the front-facing camera on the phone to capture players flapping their arms. The harder you flap, the higher pigs on the screen fly to collect coins while dodging obstacles. More into brain games? Catch Phrase Blitz, the classic Hasbro guessing game, is now casting and is sure to bring excitement to your next party. Or try your hand at a more strategic, turn-based gameplay with Tricky Titans by MediaMonks. These giant Titans are standing on top of villages and using large shovels to scoop up houses and throw them at each other.
And still more
Budding photographers will be pleased to know that Pixlr is also available — a fun and powerful photo editor that lets you quickly crop, rotate, and fine-tune any picture. Foodies and travel gurus can now cast their favorites on the Watch Food Network and Watch Travel Channel apps, including Cutthroat Kitchen, Beat Bobby Flay, and Hotel Impossible. And finally for the kiddos, on Pokemon TV dozens of episodes featuring Ash and Pikachu are available for you to watch and rewatch as much as you like.
Anyone with a phone or tablet can join the fun. Download these apps from the Play Store or App Store so all of your family and friends can tune in, flap, swing, shout, smash, and dance, or binge on their favorites. A subscription is required for some content.
Happy Casting!
Shanna Preve, aspiring Hooli intern (and Chromecast director of global content)
Often when we use our mobile phones, it's for something fast in the moment. We see a food item we can’t identify, or hear a song lyric, and want to know more—quick answers to quick questions.
So we’re bringing a new feature to Chrome—search from any webpage with just a tap. Since Chrome can see the page you’re searching from, it can give you more accurate search results. For example, just tapping on “America” on the page below shows a search about the movie “Captain America: Civil War”, not the country. Just slide up to see more information—news, cast, images and more.
This is coming to Chrome on Android over the next few days (with Asian language support to follow).
Posted by Donn Denman, Software Engineer and Top Tapper
Adobe Flash allows web pages to display rich content—but sometimes that can put a squeeze on your laptop’s battery. So we’ve been working with Adobe to ensure that your experience on the web can be power-efficient as well as rich and interactive—and today, we’re introducing an update to Chrome that does just that.
When you’re on a webpage that runs Flash, we’ll intelligently pause content (like Flash animations) that aren’t central to the webpage, while keeping central content (like a video) playing without interruption. If we accidentally pause something you were interested in, you can just click it to resume playback. This update significantly reduces power consumption, allowing you to surf the web longer before having to hunt for a power outlet.
This feature will be enabled by default on Chrome’s latest desktop Beta channel release starting today, and will be rolling out soon to everyone else on Chrome desktop. If you need to manually enable it, just head to Chrome’s content settings and select “Detect and run important plugin content.”
We'll be rolling out more power improvements in the coming months - stay tuned!
Posted by Tommy Li, Software Engineer and Power Conservationist
If you're looking forward to catching-up on all the hot TV shows this summer, get ready to binge out with Chromecast. There's a little something for everyone to enjoy, and here are another half dozen apps for your viewing pleasure.
CBS All Access is now casting shows like The Big Bang Theory and NCIS. And for those seeking a little outside inspiration for their summer project, indulge in new HGTV episodes of Property Brothers and Fixer Upper.
EMPIRE fans, we’ve got you covered too. You can now stream the entire first season and catch up before Season 2 starts in the fall, or watch Brooklyn Nine-Nine using FOX NOW, as well as The Americans and Louie using FXNOW.
Finally, check out the streaming service Pluto TV which curates over 100 channels of news, music, sports, web and TV shows, or Haystack—a news app that is tuned specifically to your interests so that you can keep up with current events and happenings around the world.
Note that you may need to sign in with a subscription or participating TV provider account to access some content. Make sure to update your apps and find the latest on chromecast.com/apps.
Posted by Ananda Sen, Business Development Manager and Professional Foot Tapper
In March, we outlined the problems with unwanted ad injectors, a common symptom of unwanted software. Ad injectors are programs that insert new ads, or replace existing ones, into the pages you visit while browsing the web. We’ve received more than 100,000 user complaints about them in Chrome since the beginning of 2015—more than any other issue. Unwanted ad injectors are not only annoying, they can pose serious security risks to users as well.
Today, we’re releasing the results of a study performed with the University of California, Berkeley and Santa Barbara that examines the ad injector ecosystem, in-depth, for the first time. We’ve summarized our key findings below, as well as Google’s broader efforts to protect users from unwanted software. The full report, which you can read here, will be presented later this month at the IEEE Symposium on Security & Privacy.
Ad injectors’ businesses are built on a tangled web of different players in the online advertising economy. This complexity has made it difficult for the industry to understand this issue and help fix it. We hope our findings raise broad awareness of this problem and enable the online advertising industry to work together and tackle it.
How big is the problem?
This is what users might see if their browsers are infected with ad injectors.
None of the ads displayed appear without an ad injector installed.
To pursue this research, we custom-built an ad injection “detector” for Google sites. This tool helped us identify tens of millions of instances of ad injection “in the wild” over the course of several months in 2014, the duration of our study.
More detail is below, but the main point is clear: deceptive ad injection is a significant problem on the web today. We found 5.5% of unique IPs—millions of users—accessing Google sites that included some form of injected ads.
How ad injectors work
The ad injection ecosystem comprises a tangled web of different players. Here is a quick snapshot.
Software: It all starts with software that infects your browser. We discovered more than 50,000 browser extensions and more than 34,000 software applications that took control of users’ browsers and injected ads. Upwards of 30% of these packages were outright malicious and simultaneously stole account credentials, hijacked search queries, and reported a user’s activity to third parties for tracking. In total, we found 5.1% of page views on Windows and 3.4% of page views on Mac that showed tell-tale signs of ad injection software.
Distribution: Next, this software is distributed by a network of affiliates that work to drive as many installs as possible via tactics like: marketing, bundling applications with popular downloads, outright malware distribution, and large social advertising campaigns. Affiliates are paid a commision whenever a user clicks on an injected ad. We found about 1,000 of these businesses, including Crossrider, Shopper Pro, and Netcrawl, that use at least one of these tactics.
Injection Libraries: Ad injectors source their ads from about 25 businesses that provide ‘injection libraries’. Superfish and Jollywallet are by far the most popular of these, appearing in 3.9% and 2.4% of Google views, respectively. These companies manage advertising relationships with a handful of ad networks and shopping programs and decide which ads to display to users. Whenever a user clicks on an ad or purchases a product, these companies make a profit, a fraction of which they share with affiliates.
Ads: The ad injection ecosystem profits from more than 3,000 victimized advertisers—including major retailers like Sears, Walmart, Target, Ebay—who unwittingly pay for traffic to their sites. Because advertisers are generally only able to measure the final click that drives traffic to their sites, they’re often unaware of many preceding twists and turns, and don’t know they are receiving traffic via unwanted software and malware. Ads originate from ad networks that translate unwanted software installations into profit: 77% of all injected ads go through one of three ad networks—dealtime.com, pricegrabber.com, and bizrate.com. Publishers, meanwhile, aren’t being compensated for these ads.
Examples of injected ads ‘in the wild’
How Google fights deceptive ad injectors
We pursued this research to raise awareness about the ad injection economy so that the broader ads ecosystem can better understand this complex issue and work together to tackle it.
Based on our findings, we took the following actions:
Keeping the Chrome Web Store clean: We removed 192 deceptive Chrome extensions that affected 14 million users with ad injection from the Chrome Web Store. These extensions violated Web Store policies that extensions have a narrow and easy-to-understand purpose. We’ve also deployed new safeguards in the Chrome Web Store to help protect users from deceptive ad injection extensions.
Protecting Chrome users: We improved protections in Chrome to flag unwanted software and display familiar red warnings when users are about to download deceptive software. These same protections are broadly available via the Safe Browsing API. We also provide a tool for users already affected by ad injectors and other unwanted software to clean up their Chrome browser.
Informing advertisers: We reached out to the advertisers affected by ad injection to alert each of the deceptive practices and ad networks involved. This reflects a broader set of Google Platforms program policies and the DoubleClick Ad Exchange (AdX) Seller Program Guidelines that prohibit programs overlaying ad space on a given site without permission of the site owner.
Most recently, we updated our AdWords policies to make it more difficult for advertisers to promote unwanted software on AdWords. It's still early, but we've already seen encouraging results since making the change: the number of 'Safe Browsing' warnings that users receive in Chrome after clicking AdWords ads has dropped by more than 95%. This suggests it's become much more difficult for users to download unwanted software, and for bad advertisers to promote it. Our blog post from March outlines various policies—for the Chrome Web Store, AdWords, Google Platforms program, and the DoubleClick Ad Exchange (AdX)—that combat unwanted ad injectors, across products.
We’re also constantly improving our Safe Browsing technology, which protects more than one billion Chrome, Safari, and Firefox users across the web from phishing, malware, and unwanted software. Today, Safe Browsing shows people more than 5 million warnings per day for all sorts of malicious sites and unwanted software, and discovers more than 50,000 malware sites and more than 90,000 phishing sites every month.
Considering the tangle of different businesses involved—knowingly, or unknowingly—in the ad injector ecosystem, progress will only be made if we raise our standards, together. We strongly encourage all members of the ads ecosystem to review their policies and practices so we can make real improvement on this issue.
Many people whip out their phones throughout the day to check something quickly—get a weather forecast, check what time the Giants game is, find out who guest starred on Mad Men last night. And that’s true for the many millions of you who use Chrome on iOS, so we’ve made our latest version even faster for the things you do every day.
Just pull down on any page to reload, open, or close tabs with one swipe. Pull straight down to reload, pull down and left to open a new tab, or pull down and right to close a tab.
On iOS 8, you can now add Chrome to your Today View to open a new tab or start a voice search quickly. Here's how.
Searching in the address bar? You’ll now see suggested answers as you type for weather, stocks, unit conversions and more, as well as any URLs you’ve copied to your clipboard.
And finally, you can now use your favorite password manager (1Password, Lastpass and more) to fill out website password fields in a snap.
On April 8, 2014, Microsoft stopped supporting Windows XP. This isn’t just a formality: computers running Windows XP haven’t received security patches in over a year and are facing a number of critical security vulnerabilities. At the operating system level, computers running XP are inherently in danger of being infected by malware and viruses, making it increasingly difficult for Chrome to provide a secure browsing environment. That’s why we strongly encourage everyone to update to a supported, secure operating system.
That said, we know that not everyone can easily switch to a newer operating system. Millions of people are still working on XP computers every day. We want those people to have the option to use a browser that’s up-to-date and as safe as possible on an unsupported operating system. We previously announced that we’d keep supporting Chrome on Windows XP through ‘at least’ April 2015. It’s April 2015 now, and we’re extending that commitment. We will continue to provide regular updates and security patches to Chrome on XP through the end of 2015.
Posted by Mark Larson, Director of Engineering, Google Chrome
