Google has announced an enhanced version of Safe Browsing to protect users from potentially malicious sites in real-time. The new Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites and block 25% more phishing attempts.
The decision to switch to real-time server-side checks without sharing users’ browsing history was made in response to the growing number of harmful websites and the short lifespan of phishing domains. The new architecture checks every URL against global and local caches of known safe URLs and previous Safe Browsing checks to determine a site’s status.
When a user attempts to visit a website, the URL is checked against the caches. If the URL is not found, a real-time check is performed by encrypting hash prefixes of the URL and sending them to a privacy server. The Safe Browsing server then decrypts the hash prefixes and matches them against the server-side database to return full hashes of unsafe URLs.
Google confirmed that the privacy server is an Oblivious HTTP relay operated by Fastly to prevent access to users’ IP addresses, ensuring privacy. Safe Browsing only sees the hash prefixes of the URL and not the IP address, while the privacy server only sees the IP address and not the hash prefixes, keeping browsing activity private.
Overall, the new Safe Browsing system aims to provide real-time protection against malicious sites while preserving user privacy. By utilizing a combination of global and local caches, encryption, and a privacy server, Google aims to enhance security for Chrome users without compromising their privacy.
Source link