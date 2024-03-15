



Google on Thursday announced enhancements to Safe Browsing that provide privacy-preserving real-time URL protection and protect users from visiting potentially malicious sites.

Google's Jonathan Lee and Jasika Bawa said, “Standard Protected Mode in desktop Chrome and iOS checks sites in real time against Google's server-side list of known malicious sites.”

“If we suspect a site poses a risk to you or your device, you'll receive a warning with detailed information. By checking sites in real time, we expect to block 25% more phishing attempts.”

Previously, the Chrome browser used a locally stored list of known unsafe sites that was updated every 30 to 60 minutes, and it used a hash-based approach to compare every site you visited against that database.

Google has revealed for the first time that it plans to stop sharing users' browsing history with the company in September 2023 and switch to real-time, server-side checks.

The reason for the change is the rapidly growing list of malicious websites and the fact that 60% of phishing domains exist for less than 10 minutes and are difficult to block, the search giant says.

“Not all devices have the resources necessary to maintain this ever-growing list, nor can they always receive and apply list updates as frequently as necessary to benefit from full protection,” it added.

Therefore, each time a user tries to access a website, the URL is checked against the browser's global and local caches, which contain known safe URLs and the results of previous Safe Browsing checks, to determine the status of the site.

If the visited URL is not in the cache, a real-time check is performed: the URL is obfuscated into a full 32-byte hash, which is then truncated to a 4-byte hash prefix, encrypted, and sent to a privacy server.

“Privacy servers forward the encrypted hash prefix to Safe Browsing servers over a TLS connection, which removes potential user identifiers and mixes the request with many other Chrome users,” Google explained.

The Safe Browsing server then decrypts the hash prefixes, checks them against a server-side database, and returns the full hashes of all unsafe URLs that match one of the hash prefixes sent by the browser.

Finally, on the client side, the returned full hashes are compared to the full hash of the visited URL, and a warning message is displayed if a match is found.

Google also notes that the privacy server is none other than an Oblivious HTTP (OHTTP) relay operated by Fastly, which sits between Chrome and the Safe Browsing servers and prevents the Safe Browsing servers from accessing your IP address, so that URL checks cannot be tied to a user's internet browsing history.

“Ultimately, Safe Browsing recognizes hash prefixes in URLs, but not IP addresses. Privacy Servers recognize IP addresses, but not hash prefixes,” the company emphasized. “No one party has access to both your identity and your hash prefix, so your browsing activity remains private.”
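The lookup flow described above, sketched as an added Python example (not Google's or Chrome's code): a cache check, a 4-byte prefix sent through a relay, and the final full-hash comparison done locally. The class names, sample URLs and IP address are constructed; the OHTTP encryption of the request and URL canonicalization are left out, and SHA-256 is the 32-byte hash Safe Browsing uses.

```python
import hashlib

def full_hash(url: str) -> bytes:
    # 32-byte digest; Safe Browsing uses SHA-256. Real clients canonicalize
    # the URL and hash several host/path expressions; one is hashed here.
    return hashlib.sha256(url.encode("utf-8")).digest()

class SafeBrowsingServer:
    """Sees hash prefixes only, never the URL or the client IP."""
    def __init__(self, unsafe_urls, prefix_len=4):
        self.prefix_len = prefix_len
        self.by_prefix = {}
        for url in unsafe_urls:  # constructed sample blocklist
            h = full_hash(url)
            self.by_prefix.setdefault(h[:prefix_len], []).append(h)
        self.seen_prefixes = []

    def lookup(self, prefix: bytes):
        self.seen_prefixes.append(prefix)
        # Every unsafe full hash sharing the prefix goes back to the client.
        return list(self.by_prefix.get(prefix, []))

class PrivacyRelay:
    """Sees the client IP, forwards the request body without it."""
    def __init__(self, server):
        self.server = server
        self.seen_ips = []

    def forward(self, client_ip: str, body: bytes):
        # In Chrome the body is encrypted to the server's key, so the relay
        # cannot read the prefix; that encryption is omitted in this sketch.
        self.seen_ips.append(client_ip)
        return self.server.lookup(body)  # the IP is not passed on

class Client:
    def __init__(self, relay, ip, prefix_len=4):
        self.relay, self.ip, self.prefix_len = relay, ip, prefix_len
        self.cache = {}   # url -> earlier verdict (stands in for the caches)
        self.lookups = 0  # number of real-time checks actually sent

    def is_unsafe(self, url: str) -> bool:
        if url not in self.cache:  # cache miss: do the real-time check
            h = full_hash(url)
            self.lookups += 1
            matches = self.relay.forward(self.ip, h[:self.prefix_len])
            self.cache[url] = h in matches  # final comparison is local
        return self.cache[url]
```

Because the server answers by prefix, a benign URL whose prefix collides with an unsafe one still gets full hashes back; only the local comparison decides whether a warning is shown.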

