Google Combats Malicious Software With New Chrome Badges

Google Combats Malicious Software With New Chrome Badges

In an effort to reduce confusion and improve user safety, Google has introduced two new Web Store badges: the Featured badge and the Established Publisher badge. Both were implemented last week following a blog post from Chrome’s design manager.

Chrome’s Featured badge appears on extensions and themes that follow Chrome Web Store’s best practices. This is an extensive list of requirements regarding security, user privacy, Google account support, and compatibility with Manifest V3 (the latest version of the Chrome extension platform). Qualifying extensions and themes must store ex-users’ data for at least 30 days in case they accidentally unsubscribed from or uninstalled the software. Google also specifies that publishers hoping to earn a Featured badge must create a store listing page that is “clear and helpful for users, with quality images and a detailed description”—a requirement already listed in the Store’s best practices, but reiterated nonetheless.

Google Combats Malicious Software With New Chrome Badges

The Established Publisher badge is reserved for software made by publishers Google has deemed dependable. In order for a publisher’s extension or theme to obtain this badge, two things must be true: the publisher must have verified their identity, and they must have “established a consistent positive track record with Google services” and with Google’s Developer Program Policy. Under this policy, publishers must not inflate their software’s rating, post inappropriate content, participate in keyword spamming, or engage in a number of other improper (and sometimes illegal) behaviors.

Google Combats Malicious Software With New Chrome Badges

Some think the badges were introduced to help fight a longstanding issue in which bad actors were purchasing existing extensions, then turning them into adware. While this could technically still happen, the Featured and Established Publisher badges ideally will help point Chrome users toward more trustworthy software. Publishers can’t pay their way into having either badge; both are earned once the publisher has submitted a review request, prompting a Google employee to inspect the software.

Continue reading

EU Considers Banning Kaspersky Software ‘Confirmed as Malicious’
EU Considers Banning Kaspersky Software ‘Confirmed as Malicious’

The EU has passed a directive calling for the end of using Kaspersky products after they've been "proven malicious." That particular bar hasn't quite been met, at least not publicly.

Malicious USB Cables Embed Wi-Fi, Can Remotely Control Connected PC
Malicious USB Cables Embed Wi-Fi, Can Remotely Control Connected PC

Forget bad USB drives — now we need to worry about malware-loaded USB cables.

Google Discovered Malicious Websites Used to Hack iPhones for Years
Google Discovered Malicious Websites Used to Hack iPhones for Years

Apple patched the flaws after they were reported, but we're only now finding out the scale of the attack, thanks to Google's Project Zero team.