Google Enhances Safe Browsing for Real-Time URL Protection

Google has introduced an upgraded version of Safe Browsing for Chrome on desktop and iOS that uses real-time, privacy-preserving URL protection and is expected to block 25% more phishing attempts.

At a glance

  • Google announced enhanced Safe Browsing for real-time, privacy-preserving URL protection
  • 25% increase in blocking phishing attempts anticipated
  • New architecture involves global and local caches, real-time server-side checks
  • Privacy server operates as an Oblivious HTTP relay for user privacy
  • The goal is to bolster online security with real-time checks and privacy measures

The details

Google recently announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection.

This new feature, intended for Chrome on desktop and iOS, changes the Standard protection mode so that it checks websites against Google’s list of known malicious sites in real time.

By making this switch, Google anticipates a 25% increase in the blocking of phishing attempts.

Prior Enhancement

Prior to this enhancement, the Chrome browser relied on a locally stored list of unsafe sites that was updated every 30 to 60 minutes.

However, with the rise of harmful websites and the fleeting existence of phishing domains, Google has decided to transition to real-time server-side checks that do not compromise users’ browsing history.

New Architecture

The new architecture involves checking URLs against both global and local caches of known safe URLs and previous Safe Browsing checks.

In cases where a URL is not found in these caches, a real-time check is conducted by converting the URL into 32-byte full hashes.

Prefixes of these hashes are encrypted and transmitted to a privacy server over a secure TLS connection.

The Safe Browsing server decrypts the hash prefixes and cross-references them against its database to return full hashes of any unsafe URLs.

Upon receiving these full hashes, the client side compares them and displays a warning message if a match is found.

To ensure user privacy, the privacy server operates as an Oblivious HTTP (OHTTP) relay managed by Fastly.

This setup prevents the exposure of users’ IP addresses to Safe Browsing, which only sees hash prefixes of URLs.

Conversely, the privacy server solely observes IP addresses and not hash prefixes, maintaining the confidentiality of browsing activity.
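The lookup flow described above (cache check, full hash, prefix sent to the server, full hashes compared on the client), as an added example that is not Google's or Chrome's code. It assumes SHA-256 for the 32-byte hash, hashes one URL string rather than a canonicalized set of expressions, omits the encryption and the OHTTP relay, and uses a 1-byte prefix purely so a prefix collision with a benign URL is cheap to construct; all class names, function names and URLs are hypothetical.

```python
import hashlib

def full_hash(url_expr: str) -> bytes:
    # 32-byte full hash; SHA-256 is an assumption (the article gives only the length).
    return hashlib.sha256(url_expr.encode("utf-8")).digest()

class ToyServer:  # stand-in for the Safe Browsing server: it is handed prefixes only
    def __init__(self, unsafe_exprs, prefix_len):
        self.prefix_len = prefix_len
        self.observed = []                      # everything the server ever sees
        self._db = {}
        for expr in unsafe_exprs:
            h = full_hash(expr)
            self._db.setdefault(h[:prefix_len], []).append(h)

    def lookup(self, prefix: bytes) -> list:
        self.observed.append(prefix)
        return list(self._db.get(prefix, []))   # full hashes of unsafe URLs

class ToyClient:
    def __init__(self, server, known_safe=()):
        self.server = server
        self.known_safe = set(known_safe)       # cache of known-safe URLs
        self.previous = {}                      # cache of earlier check results

    def check(self, url_expr: str) -> str:
        if url_expr in self.known_safe:
            return "safe-cache"                 # no hash leaves the client
        h = full_hash(url_expr)
        if h not in self.previous:
            candidates = self.server.lookup(h[:self.server.prefix_len])
            # Final decision is local: only an exact full-hash match warns.
            self.previous[h] = "warn" if h in candidates else "ok"
        return self.previous[h]

def colliding_benign(unsafe_expr, prefix_len):  # benign URL sharing the prefix
    target = full_hash(unsafe_expr)[:prefix_len]
    i = 0
    while full_hash(f"benign.example/{i}")[:prefix_len] != target:
        i += 1
    return f"benign.example/{i}"

def demo():
    bad = "phish.example/login"                 # constructed sample entry
    server = ToyServer([bad], prefix_len=1)     # 1 byte so a collision is cheap
    client = ToyClient(server, known_safe={"docs.example/"})
    urls = ("docs.example/", bad, colliding_benign(bad, 1), bad)
    return [client.check(u) for u in urls], server.observed

if __name__ == "__main__": print(demo())
```

The benign URL that shares the unsafe entry's prefix still triggers a server lookup but produces no warning, and the repeated visit to the unsafe URL is answered from the client's cache of previous checks.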

Overall, this new development by Google aims to bolster online security by leveraging real-time checks and privacy-preserving measures to safeguard users’ browsing experience.

Article X-ray

Facts attribution

This section links each of the article’s facts back to its original source.

If you suspect false information in the article, you can use this section to investigate where it came from.

thehackernews.com
– Google announced an enhanced version of Safe Browsing for real-time, privacy-preserving URL protection
– The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s list of known bad sites in real-time
– Google expects to block 25% more phishing attempts with the real-time checks
– Chrome browser previously used a locally-stored list of known unsafe sites updated every 30 to 60 minutes
– Google plans to switch to real-time server-side checks without sharing users’ browsing history
– The change is motivated by the rapid growth of harmful websites and the short lifespan of phishing domains
– New architecture checks URLs against global and local caches of known safe URLs and previous Safe Browsing checks
– If URL is not in the caches, a real-time check is performed by obfuscating the URL into 32-byte full hashes
– Encrypted hash prefixes are sent to a privacy server via a TLS connection
– Safe Browsing server decrypts hash prefixes and matches them against the database to return full hashes of unsafe URLs
– Full hashes are compared on the client side and a warning message is displayed if a match is found
– The privacy server is an Oblivious HTTP (OHTTP) relay operated by Fastly to prevent access to users’ IP addresses
– Safe Browsing sees hash prefixes of URLs but not IP addresses, and the privacy server sees IP addresses but not hash prefixes
– Browsing activity remains private with this setup
