Google is still trying to get notification abuse under control in Google Chrome

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Source: Google is still trying to get notification abuse under control in Google Chrome - gHacks Tech News

by Martin Brinkmann on October 27, 2020 in Google Chrome

Google announced an extension to its effort to get notification abuse under control in the company's Chrome web browser. Starting in Chrome 86, the company is expanding its efforts to limit the abuse of notifications for users of the browser.

Chrome, like most modern web browsers, supports web notifications. The main idea behind the notifications is simple: give sites and web apps a tool at hands to inform (notify) users. Notifications may inform users about site updates or news, but are also abused by sites for advertisement or, in the extreme case, malicious purposes. While it is true that users need to accept the notification request in first place, sites may use deception to get them to allow notifications.

Google introduced quieter notification permission requests in Chrome 80 and started to enroll sites with "abusive notification permission requests" automatically so that their permission requests would use the quite notification user interface instead of the default permissions prompt.

Starting in Chrome 86, Google is doing the same now for notification content. Sites that use notifications to send "messages containing abusive content" will have their notifications blocked automatically in the Chrome browser by default. The blocking is supported by desktop and mobile versions of the Google Chrome web browser.

1603811707336.png

Blocked does not mean that users are not informed about the notification attempt. Chrome will display the notification blocked icon in the browser's address bar and users may activate the icon to display a prompt with the following message.
Notifications blocked
This site may be trying to trick you into allowing intrusive notifications
Options are"allow" and "continue blocking"; the former allows notifications and bypasses Chrome's blocking, the latter does the same as a click on the x-icon, it keeps the blocking in place.

Google uses its web crawler to determine whether sites send out abusive notifications. The company notes that the web crawler will subscribe to website notifications and that its Safe Browsing technology is used to determine whether the content is abusive. Sites are flagged if Safe Browsing determines that notification content is abusive, and webmasters will be informed about the fact in Google's Search Console. A grace period of 30 days is given to resolve the outstanding issue and request a review. Sites that fail to do so will have their notification content blocked in Google Chrome.

While not explicitly mentioned, it is very likely that the same blocking mechanism will find its way into other Chromium-based browsers.

 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top