Oh, the Irony! Chrome is Blocking Security Tool Nmap Downloads Considering it a Security Threat

[Batman 007]

Summary

 

Google's Safe Browsing service blocked Nmap downloads labelling it as a threat.

 

Quotes

Quote

Google Chrome blocked all Nmap downloads using its Safe Browsing service by labelling it as a threat.

Even though this has been fixed quickly. For many visitors trying to download the tool, this must have been confusing. A software that’s more than a decade old is now suddenly considered as a threat?

 

My thoughts

Google Safe Browsing is getting safer!

 

Sources

https://news.itsfoss.com/google-blocked-nmap-downloads/

[WereCatf]

Eh, I can see why an automated system could classify nmap as a hazard. Obviously, it doesn't do anything bad, but the behavioural patterns it emits could e.g. resemble a networked worm at work.

[Batman 007]

1 minute ago, WereCatf said:

Eh, I can see why an automated system could classify nmap as a hazard. Obviously, it doesn't do anything bad, but the behavioural patterns it emits could e.g. resemble a networked worm at work.

 

Hmm, true that, but it's not a new tool, though.

[Batman 007]

1 minute ago, ThatOneDunce said:

nm*p? Sounds like hate speech to me!

Wait, What? I had no idea about that!

[WereCatf]

Just now, Batman 007 said:

Hmm, true that, but it's not a new tool, though.

How's an automated system supposed to know what is new and what is old? And should it just ignore files that seem like they'd belong to an "old" project?

[Letgomyleghoe]

for the uninformed Nmap sends tcp or udp connections to a wide range of ports to check if they're open, filtered, or closed. You're supposed to have direct permission before scanning a target as an nmap scan can be labeled as abuse, or look like a worm as said above.

[Batman 007]

1 minute ago, WereCatf said:

How's an automated system supposed to know what is new and what is old? And should it just ignore files that seem like they'd belong to an "old" project?

Ah yes. I guess that's a trade-off with automated systems.

[Mark Kaine]

1 minute ago, WereCatf said:

How's an automated system supposed to know what is new and what is old? And should it just ignore files that seem like they'd belong to an "old" project?

An automated system still needs to be curated otherwise it's literally useless (which it in Googles case mostly is btw) 

[WereCatf]

Just now, Mark Kaine said:

An automated system still needs to be curated otherwise it's literally useless (which it in Googles case mostly is btw) 

Of course, but this seems like a case where they did some updates on the engine and accidentally broke one or more exceptions they had added for software like nmap. These kinds of things happen quite easily, but they're also typically easily fixable, since the exception is already there -- just need to figure out what part of the update broke it and fix that.

[WereCatf]

5 minutes ago, Letgomyleghoe said:

sends tcp connections

Minor nitpick: it can also be used for UDP-scanning as well.

[Letgomyleghoe]

5 minutes ago, WereCatf said:

Minor nitpick: it can also be used for UDP-scanning as well.

yep, my bad. editing now thank you lol.

[Loote]

TIL there's nmap for Windows, good.

[Mark Kaine]

1 hour ago, WereCatf said:

Of course, but this seems like a case where they did some updates on the engine and accidentally broke one or more exceptions they had added for software like nmap. These kinds of things happen quite easily, but they're also typically easily fixable, since the exception is already there -- just need to figure out what part of the update broke it and fix that.

yeah, I misunderstood it that you meant no one ever looks at these since it's "automated" but yeah those things happen and mostly get rectified pretty quickly, same with windows defender... I just often perceive it as "useless" because I wanna download a mod or something and it doesn't let me! (although you can force it to download anyways...)