However, it seems that for a day at least, Google Chrome blocked all Nmap downloads using its Safe Browsing service by labelling it as a threat.
Even though this has been fixed quickly. For many visitors trying to download the tool, this must have been confusing. A software that’s more than a decade old is now suddenly considered as a threat?
Nmap Project also tweeted about it to inform all the potential users who were blocked from downloading it while using Google Chrome or any other browser with Google Safe Browsing enabled:
Google’s Broken Safe Browsing Service
In some cases, they also mark the domain that links to other phishing sites as dangerous. This is a problem because you can end up linking a website that wasn’t malicious initially but was blacklisted in the service for some reason.
For instance, our news portal could have been potentially blocked by Google Safe Browsing just because we linked to “Nmap” in the past (which they considered as a threat temporarily).
Fortunately, that is not the case, but this has happened with a lot of webmasters.
Nmap Project also mentioned in a tweet that last week Google Chrome blocked a 24-year-old tarball package from their historical archives:
Last week Google Chrome wrongfully blocked a 24-year-old tarball of L0phtcrack source code from our historical archives as “malware”. That one has been fixed, but it’s still frustrating when Big Tech companies block content so carelessly.
In this case, they also noticed that Google’s manual review process wasn’t quick enough but when they ended up Tweeting about this issue, this was resolved quickly.
So, it definitely sounds like Google’s Safe Browsing service needs improvement.
Have you encountered any similar false positives by Google’s Safe Browsing that prevented you to access something? Let me know your thoughts in the comments below.