– Google has announced a major change to its Safe Browsing feature in Chrome to make it work in real time without sharing browsing habits with the company
– The new system will send URLs you visit to Google’s servers for real-time checks against an updated list to catch more phishing attacks
– The process involves Chrome encrypting and sending hashed URLs to a privacy server before they are checked by the Safe Browsing server; Fastly’s Oblivious HTTP privacy server is used to anonymize user metadata without revealing identifying information to Google
Google has made improvements to its Safe Browsing feature in Chrome, transitioning to a real-time system that checks URLs against a server-side list without sharing browsing data with Google. This change allows Chrome to rapidly update its list of known malicious sites, catching up to 25% more phishing attacks compared to using local lists that have grown in size.
The new system has been rolled out to desktop and iOS users, with Android support coming later this month. This update may sound familiar to users who are aware of the Safe Browsing Enhanced Mode, which uses AI to block attacks, perform deeper file scans, and protect against malicious Chrome extensions. The Enhanced Mode remains opt-in, while the standard protection mode does not utilize these AI features.
Google ensures user privacy by obfuscating URLs, encrypting hash prefixes, and utilizing Fastly’s Oblivious HTTP privacy server to strip out identifying information from browser requests. This collaboration between Google and Fastly allows for the anonymization of user metadata, ensuring that Google’s Safe Browsing service never sees IP addresses while Fastly does not have access to encrypted URLs.
Overall, these changes enhance user security by providing real-time protection against malware, unwanted software, and phishing scams without compromising user privacy. The use of server-side lists and encryption technologies ensures that browsing habits remain private while still allowing for effective threat detection.