Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Microsoft Chrome Security

Microsoft Ports Edge Anti-Phishing Technology To Google Chrome (bleepingcomputer.com) 75

An anonymous reader writes: Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's -- and inherently Edge's -- anti-phishing technology to Google Chrome. The extension works by showing bright red-colored pages whenever users are tricked into accessing malicious links. The warnings are eerily similar to the ones that Chrome natively shows via the Safe Browsing API, but are powered by Microsoft's database of malicious links —also known as the SmartScreen API.

Chrome users should be genuinely happy that they can now use both APIs for detecting phishing and malware-hosting URLs. The SmartScreen API isn't as known as Google's more famous Safe Browsing API, but works in the same way, and possibly even better. An NSS Labs benchmark revealed that Edge (with its SmartScreen API) caught 99 percent of all phishing URLs thrown at it during a test last year, while Chrome only detected 87 percent of the malicious links users accessed.

This discussion has been archived. No new comments can be posted.

Microsoft Ports Edge Anti-Phishing Technology To Google Chrome

Comments Filter:
  • Is there any point in installing this extension on a mac?
  • Though I commend their effort to improve Chrome's phishing protection, this may also be used to track users' browsing habits and show better "interest-based ads," as vaguely hinted at in the extension's privacy policy.

    Thanks but no thanks.

  • Calling this a “port” of Windows Defender's “anti-phishing technology” is an extreme exaggeration, I suspect. Weighing in at only 295KiB total, this Chrome extension is apparently little more than a keyhole portal interface from the Chrome browser to the underling Windows Defender installed on your system platform.

    So for those not running Chrome atop Windoze (like on Linux or MacOS or such), I suspect this Chrome Extension is merely a 295KiB no-op / placebo / bloatware.

    I imagin

    • by tlhIngan ( 30335 )

      In that case, I conjecture it could only do so by phoning home to Microsoft to check the URL against a remote on-line database... but that would then raise a massive privacy tsunami about remotely communicating what URLs you're visiting to some dark-site server somewhere in Redmond, WA. If so, let the tin-foil hat parade commence.

      Youi realize that Google's anti-phishing thing works exactly the same way too? Except instead of Seattle, WA, it consults Mountain View, CA?

      Ostensibly, Google actually has more

      • by IHTFISP ( 859375 )

        You realize that Google's anti-phishing thing works exactly the same way too? Except instead of Seattle, WA, it consults Mountain View, CA?

        Perhaps. Perhaps not.

        Unless I'm mistaken, both are proprietary services, the underlying software & algorithms of which are likely trade secrets.

        Can anyone recommend good whitepaper summaries of both/either? (I'll conduct an on-line search in my copious spare time, but an expert recommendation may save me some trouble.)

        BTW, I never meant to imply that the tin-foil hat brigade is rational: just reactionary. Color them “triggered”. ;-)

        Ostensibly, Google actually has more information, since basically all the major browsers (Chrome, Firefox and Safari) all use Google's API, whereas now, Microsoft only got Edge and now optionally Chrome.

        True.

        Moreover, for those of us sucka chumps who s

  • by tomxor ( 2379126 ) on Wednesday April 18, 2018 @06:17PM (#56460881)

    Chrome users should be genuinely happy that they can now use both

    LMFAO, so preemptively defensive.

    An NSS Labs benchmark revealed that Edge (with its SmartScreen API) caught 99 percent of all phishing URLs thrown at it during a test last year, while Chrome only detected 87 percent of the malicious links users accessed.

    You will have to forgive me if I consider this a worthless statistic... you know microsoft have a history if "beating everyone else" in their own hand crafted benchmarks only to be utter shit in reality (especially when talking about browsers).

    • by jrumney ( 197329 )
      It might be a more useful statistic if it was coupled with the rate of false positives. Usually these things are a tradeoff, and the sweet spot is more often in the 80%-90% range than at 99%.
  • The SmartScreen API isn't as known as Google's more famous Safe Browsing API

    This. Microsoft is extending something to chrome that chrome arguably never needed. its appearance and function is completely foreign to most chrome users. At best, this is another clumsy Microsoft attempt to speed past the ballmer dynasty similar to their Linux subsystem for Windows. At worst, this is Microsoft pissing in Googles Cheerios and pushing browser war brinkmanship.

    • Re: (Score:2, Insightful)

      by thegarbz ( 1787294 )

      As usual someone has completely missed the point while frothing at the mouth against the headline.

      This has NOTHING to do with Chrome. This has everything to do with Symantec, McAfee, and others, and is MS trying to prove their Windows Defender product is better than the alternatives and more feature rich.

      And to be honest I struggle to disagree. I think in terms of the overall package (security and performance) users should pick:

      1. Windows Defender
      2. Absolutely no Antivirus
      3. No internet connection or USB po

  • by Anonymous Coward

    The extension works by showing bright red-colored pages whenever users are tricked into accessing malicious links

    Happens all the time for me. Google some Excel problem, find a link that sounds like the right thing, and even points to a microsoft.com domain...

    Click it, and end up with an ad for Surface, Windows 10 or Edge.

    But I really don't think the add-on would catch even a single one of them.

I've got a bad feeling about this.

Working...