Firefox adds anti-malware file reputation service

Firefox adds anti-malware file reputation service

Summary: Firefox has blocked known phishing and malware sites for some time. Now it will check reputation on individual files and soon use file signatures.

TOPICS: Security

Mozilla has announced that the new version 31.0 of Firefox, released earlier this week, will check individual file downloads against Google's Safe Browsing reputation service to determine if they are known malware.

Firefox has checked web site URLs against Google's Safe Browsing service since version 2.0. Originally, that service checked only to see if sites were known phishing sites; later on, a list of sites known to serve malware was added to the service. When you encounter such a site, Firefox raises an interstitial warning:

Version 31.0 adds a new feature. If, during a download, the site passes reputation check, then before completion Firefox will send a SHA-256 hash of the file to Google's Safe Browsing Service, which maintains a database of them. This file reputation service is not a documented part of the Safe Browsing API, but Google has given Firefox access to it. Obviously Google Chrome has had access to this file reputation service since Google launched it in 2012.

Firefox also announced that version 32, due in September, will add a new efficiency to malware checks. Before checking the reputation of an individual file with Safe Browsing, it will check the file's digital signature (if it has one) for validity and to see if the publisher is in a local list of known-trusted publishers. If it passes this test, then the file is deemed good. If not, Firefox proceeds with the file reputation check.

If you want to turn this service off, you may do so in "Preferences > Security > Block reported attack sites." 


Note that this setting controls not just the site check (as the name implies) but also the individual file tests. To turn off just the individual file tests, replace browser.safebrowsing.appRepURL in about:config with an empty string (the default setting is

Microsoft Windows SmartScreen service has checked for phishing and malicious web sites in Internet Explorer for some time. With Windows 8, Microsoft added file reputation checking to the service.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Smart

    the more gatekeepers there are to our systems, the better off we are.
  • Firefox adds anti-malware file reputation service

    Nice and I will continue to use Firefox or one of its variants for reasons like this.
    • What? you aren't swearing by IE?

      Or have you finally realized IE is something to swear at?
      • LD 'loving' Firefox

        I must admit, it is hard to believe that Loverock's "handlers" allow him to even mention 'Firefox'.

        I bet the PC used as the DPI filter located in the basement of MS PR department must BSoD anytime a competing browser is mentioned in one of LD's posts.

        His 'knowledge' of Linux is the source of extreme gratification at my (Linux using) "WROK PALCE" (you have to be a 'Shark Tank junkie' to "get" the reference).
      • I use both

        As I have said many times on here, I use both IE and FF.
  • Errr

    Why add a feature when they haven't cleaned Firefox's problems first before adding more features - thereby compounding things. Seems every week while I use Firefox there is another update.
    Why include an option to unblock web forgeries and attacks sites?
    Anyways, just use something like OpenDNS.