Explain why Chromium thinks this download is so dangerous that I should not be allowed to download it.

219 views
Skip to first unread message

Gregory Huey

unread,
May 28, 2024, 4:44:12 AMMay 28
to securi...@chromium.org
Hey Chromium Developers,
I'm getting pretty pissed off with chromium BY DEFAULT blocking my downloads - because it (wrongly) assumes strange things are dangerous.

First, I own my computer - not you - so I must decide what to download and what not to. There needs to be a setting in chromium that tells it never to block a download. I have the 'protection' setting turned completely off - yet still I have to double-check each download to see if chromium actually did as I told it. This is unacceptable.

Secondly, let us look at an example of a 'dangerous' file that chromium blocks the download of:
http://theory.caltech.edu/~kapustin/QM_colloq.pdf

I don't care how much you side with Einstein and believe the EPR paradox demonstrates the illegitimacy of quantum mechanics, or steadfastly insist that 'God does not play dice with the Universe' - I insist that chromium must have a setting to turn off your bullshit-paranoia download-blocking. You either implement such a setting, or I will have to clone the source-code repository, turn off ALL your bullshit paranoia, and redistribute it to everyone who agrees you are overstepping your bounds.

My computer, my decision.

Greg Huey

Arthur Sonzogni

unread,
May 30, 2024, 10:36:18 AMMay 30
to Gregory Huey, securi...@chromium.org

Hi Gregory,

Thank you for your feedback. For further discussion and feature requests, I encourage you to open a bug on our issue tracker at https://crbug.com/. This will allow you to directly communicate with the engineers responsible for these features.

I suspect the warning you're encountering is a safety feature designed to protect users from potential threats when downloading files from insecure (HTTP) connections. Users can choose to proceed with the download, once they are aware of the associated risks. An attacker on your local network can impersonate this website and deliver malicious files not originating from it.

If the website delivers the file over a secure (HTTPS) connection, the warning should not appear. For example, you can try accessing the same file over HTTPS here: https://cdn.glitch.global/96f7eeaf-eb60-48ab-a6d7-16f20bd68860/QM_colloq.pdf?v=1716890210284

Thank you for your understanding.

Arthur @arthursonzogni

Arthur @arthursonzogni

Reply all
Reply to author
Forward
0 new messages