Question Download Sentinel a browser extension for Chrome which warns for risky downloads

[7Oz-64]

@LinuxFan58
Congrats, nice one!!!

 

[Sampei.Nihira]

Brave only allows users to enable standard mode of Safe Browsing. I wondered whether I could add some download protection (inspired by API Void Browser Protection) which could close the gap between the new privacy conscious STANDARD mode and the ADVANCED mode (with some privacy issues).

I liked the idea of API Void Browser Protection, but wanted to help the user by checking the download-URL reputation at Virus Total and calculate a risk score based on the information available at VT to make an informed decision to either cancel & go back (block) or ignore & proceed (allow).

I uploaded the javascript module which calculates the risk score and this is what ChatGPT assessed when comparing Google Safe Browsing advanced mode against new standard mode, adding a secure DNS (like Quad9 or ControlD) and my extension. I also asked ChatGPT to compare this extension with a user who carefully checks all downloads at Virus Total and only downloads from reputable sources using onlu Google Safe Browsing in standard mode.

View attachment 298255

Warning with risk score and option to block or allow the download.
View attachment 298251

When to use this?

1. When you use advanced Google Safe Browsing ==> skip it
2. When you use API VOID Browsing Protection ==> skip it
3, When you use Safari or Firefox ==> forget it, only available on Chromium browsers
4, When you are a careful user who only uses STANDARD mode for privacy reasons and checks downloads manually ==> this extension automates it for you!

So I don´t expect it to get many users when it is available in the Chrome webstore, only people who are security and privacy aware and are to lazy to manually check stuff at Virus Total, like me (for privacy reasons I only check the download URL, not the content of the download itself). Chat awards the extension a little higher (96-98) than a careful user (94-96), because the download is always paused and checked, while a careful user could forget or omit it occasionally.

I wonder how AI can assess the percentage of trusted sources?
A trusted source today could be compromised tomorrow.
Take Notepad++ recently, and CCleaner in 2017, for example.

I assume it’s best to run a test**** to see if it performs better than the API Void Browsing Protection during downloads.
I assume Download Sentinel is better......
When your extension is available on CWS, if you don’t do it, I’ll do it myself.

Have a good evening.


P.S.

****= URLhaus | Checking your browser

Nothing bad can happen in Linux when you download .exe files for testing purposes.