Search code examples
securitydelphigoogle-chromedelphi-2009

Delphi applications considered 'dangerous' by Google Chrome

I often produce mathematical software in Delphi 2009, and publish it on my web site. However, the last year or so, Google Chrome has started to consider a small (but increasing!) number of my EXEs 'harmful', and Google Chrome refuses do download them.

For example, today I wrote a program that visualises the Lorenz attractor. You can find it at https://specials.rejbrand.se/chaos/lorenz/; it's lorenz.exe.

When I use Google Chrome to download this EXE, the following prompt appears:

Screenshot of prompt in Google Chrome

(Yeah, I actually did try it three times...)

This is Swedish, and the text says "%s is harmful and has been blocked by Chrome". The button says "Remove permanently", and the drop-down menu doesn't offer any other actions (like "I know the file is safe, please let me have it").

Obviously, this is kind of a problem. As far as I know, the EXEs are perfectly safe. At least the code I have written is not harmful in any way, but I suspect there is a theoretical possibility that the Delphi compiler has started to add harmful code behind my back.

Questions

  1. Is there something harmful about my EXEs?
  2. Is there some way to make Google Chrome not block my EXEs?
Solution

  • "Is there something harmful about my EXEs?"

    No.

    Here's a link to the results of Jotti's malware scan (which results with: 22 out of 22 scanners "found nothing"):

    http://virusscan.jotti.org/en/scanresult/df25dbecfccc5d10862f52236d664d48d0c72058


    The link to virustotal scan (detection ratio = 0/53):

    https://www.virustotal.com/en/file/51d9d637a17f5876c371e5eec164e1dc48a35c56900a3235a9c656d10687814a/analysis/1408587813/


    "Is there some way to make Google Chrome not block my EXEs?"

    One option is to make it block nothing, evidently it's crap anyway. The option is in the "privacy" section in "advanced settings", here are the instructions:

    https://support.google.com/chrome/answer/4412392?p=ib_download_blocked&rd=1


    Otherwise, you can check what google thinks about safety of your site:

    http://www.google.com/safebrowsing/diagnostic?site=rejbrand.se

    The report seems to be somewhat indeterminate. Here's a quote (for rejbrand.se):

    Has this site hosted malware?
    Yes, this site has hosted malicious software over the past 90 days. It infected 0 domain(s), including .


    Presumably you can also request a site review in the security issues of google webmaster tools. But apparently it's not always fruitful. That last link also suggests there's a way to send samples to google hoping that they would analyze better (AFAICT it's not part of webmaster tools), but this might not turn out to be practical depending on the number of executables/versions you produce.