Google has announced that it is changing its Safe Browsing API in order to warn of additional types of abusive software. Safe Browsing is a public web service used by Google Chrome, Mozilla Firefox and Apple Safari. When the user navigates to a site or downloads a file, Safe Browsing checks that site or file against a list of sites determined by Google to serve phishing or malware attacks and malicious file signatures. Starting next week, Safe Browsing will warn of programs that may not qualify as malware and are disguised as a helpful download, but which "...make unexpected changes to your computer — for instance, switching your homepage or other browser settings to ones you don't want." Such programs are common. They can change search engines, the home page, insert ads or even weaken security settings.
It's not clear whether the changes will be available to Firefox or Safari immediately or, if they are, whether those browsers will need to update software to take advantage of it. We have asked Google and will update this story when it responds.
Google's public definition of malware as used by Safe Browsing is short on specifics. Such definitions have been controversial over time, as some sites, especially those which serve advertising, try to push the limits without running afoul of important gatekeepers like Google.