Open Bug 1595729 Opened 5 years ago Updated 2 years ago

Consider not treating unknown verdict type as a safe download

Tracking

()

Status:

NEW

People

(Reporter: dimi, Unassigned)

References

(Blocks 1 open bug)

Details

Dimi Lee [:dimi]

Reporter

Description

•

5 years ago

Right now, when a download protection remote ping returns the unknown verdict type, we treat it as safe1. While Chrome shows a warning message to ask users to confirm the download.
We should also consider treating "unknown" downloads differently to more actively protect our users. Also, if we look at the telemetry(APPLICATION_REPUTATION_SERVER_VERDICT_2), some file extensions do have a large amount of "unknown" verdict results.

Dimi Lee [:dimi]

Reporter

Updated

•

5 years ago

Blocks: downloadprotection

Dimi Lee [:dimi]

Reporter

Updated

•

5 years ago

Summary: Consider not treating unknown as safe for download protection → Consider not treating unknown verdict type as a safe download

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Consider not treating unknown verdict type as a safe download

Categories

(Toolkit :: Safe Browsing, enhancement, P3)

Tracking

()

People

(Reporter: dimi, Unassigned)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated