Robert O'Callahan's (ex-Mozilla employee) blog post on anti-virus injecting code into browsers.
And then read this fun Twitter thread from Justin Schuh, head of Chrome's security team, arguing with AV author Vess on the very issue.
And then read the HN thread on that Twitter thread.
 - http://robert.ocallahan.org/2017/01/disable-your-antivirus-s...
 - https://twitter.com/justinschuh/status/802491391121260544
 - https://news.ycombinator.com/item?id=13079569
Essentially crappifying the internet for their users, while charging them for the privilege.
. Found this https://vah13.github.io/AVDetection/
As much as this sucks, if you tell the user that their antivirus is the problem (the antivirus program that they paid for and trust), you will lose a customer.
Many people who aren't comfortable with technology have been taught to NEVER disable their antivirus, and that anyone that is telling them to is trying to hack them.
That leads to the situation where they instantly and completely distrust anyone telling them to disable/replace/edit their Antivirus in any way.
How do they deal with that?
Is it possible to launch a process and have it display a modal dialog which blocks the parent's dialog?
(I don't use Chrome at the moment and will install a new version later to check it out using Process Explorer)
> IME software will not be affected
See Robert O'Callahan's (ex-Mozilla employee) blog post on it.
And then read this fun Twitter thread from Justin Schuh, head of Chrome's security team, arguing with AV author Vess.
1. When you search for "Chrome" in IE, 2/3rds of the page is taken up by a special Microsoft ad.
2. When you switch default browsers to Chrome, Microsoft pops up a modal convincing you to keep Edge as the default, with a tiny "Switch anyway" button
3. Sometimes, the bottom tray will pop up with a tooltip saying 'Microsoft Edge is XX% faster than Chrome', and convince you to use Edge
4. The Battery icon in the OS will sometimes pop up a 'Chrome is draining your battery' message, while touting an Edge message. I'm not kidding.
I get at least 1 weekly notification to use Chrome. Either directly on google.com or on translate.google.com or several of their other properties. Despite me clicking "No" on the damned thing across as many devices as I can remember since Chrome appeared back in 2008.
I highly doubt that the Google Skynet isn't able to identify that's it's me across all these devices, considering my usage patterns. Or even better! Considering that I'm actually logged in to the Google Account permanently via Gmail...
I assume Chrome is just planning to make that block everything that's not Google or Microsoft code, probably with a short whitelist of things that are necessary.
A real challenge.
Besides, as mentioned in the other comments here, DLL injection is basically impossible to stop completely, so this will just lead to a bit of an "arms race" with no benefits to anyone. (Injecting into processes that try to stop it is pretty easy. I've done it before. But we shouldn't have to fight our software anyway.)
And all just so they can put an extra bullet point on their marketing. It'd be easier and less damaging just to make a standard extension.
On Windows and on most OSs, software is installed in a location that the standard user doesn't have write access to, and you require root/admin authorization to install. Chrome bypasses the OS security by installing itself in a way so that it can auto-install software/updates without the explicit consent of the user. If all software did this, it would soon be a security nightmare.
Very probably yes. One of the best ways to fend off viruses is ublock, after all.
Unfortunately, AV vendors have not really demonstrated the ability to do anything like that in a reliable or secure way.
If Chrome has a security hole that the AV vendors know about then they can fix it at source. This is a lot more robust than opening a giant hole in Chrome's sandbox in order to insert its own code inside.
I recall game makers using DMCA to sue cheat makers.