Uncommon Download
Reported by
accasoft...@gmail.com,
Oct 6 2017
|
||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Example URL: Steps to reproduce the problem: 1. Build a new binary *.exe file 2. Sign the file with a good authority 3. Deploy the file on a website What is the expected behavior? The end users can download the fresh file without any warning What went wrong? Chrome and also Google search Console, show a warnign for Uncommon Download. From the docs (https://support.google.com/webmasters/answer/3258249?authuser=0&hl=en): "If Google Safe Browsing hasn't seen a particular binary before, Chrome may warn that it is uncommonly downloaded and could be dangerous. In these cases the warnings are lifted automatically if Google Safe Browsing verifies that it is benign. If your site is showing uncommon download warnings, you can also request a review in Search Console" but this is the common scenario for the software houses with a little user base. Each time i release a new version of my software, the binary changes and the file become "uncommon" for the first (unknow number) users. Each time Search Console show this alert i send a request for a review stating: "The malicious content report doesn't contain any specific link affected by malicious content and I believe, after thorough checking of my website and my server, that my website is safe and secure for the users." Google after 12/24/48/72 hours respond with this message: "Google has received and processed your security review request. Google systems indicate that [name-of-my-website] no longer contains links to harmful sites or downloads. The warnings visible to users are being removed from your site. This may take a few hours to happen." This is frustrating because it happening on each new release of my software. Did this work before? N/A Chrome version: 61.0.3163.100 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 27.0 r0
,
Oct 6 2017
This is working as intended. For new binaries hosted in a way that doesn't give sufficient signals to say that it's definitely safe, it'll get that warning. We have ongoing efforts to reduce the frequency of uncommon download warnings in some cases.
,
Oct 9 2017
> For new binaries hosted in a way that doesn't give sufficient signals to say that it's definitely safe how can increase that signals to say that it's definitely safe? The binary is signed with good sign code authority. The website is without https, https can help?
,
Oct 9 2017
Check out the "uncommon download" warning section of https://support.google.com/webmasters/answer/3258249. You can request a review from there. |
||
►
Sign in to add a comment |
||
Comment 1 by mmenke@chromium.org
, Oct 6 2017