News, 15.03.2024, 09:00 AM
By updating Safe Browsing this month, Google will provide all Chrome users with protection against malware and “phishing” in real time, without compromising privacy.
The company launched Safe Browsing in 2005 as a defense against web phishing and has since upgraded it to block sites that host malware, unwanted software, and various social engineering schemes.
Regime Improved safe browsing (Enhanced Protection), which uses artificial intelligence to block attacks, is available for those who want fast and proactive protection by deeper scanning of downloaded files.
Currently, the standard Safe Browsing feature checks sites, downloads, and extensions against a list of malicious URLs that is downloaded to the device from Google's servers every 30 to 60 minutes.
However, Google plans to move to real-time checking against its server-side list to keep up with cybercriminal websites that appear and disappear in less than 10 minutes.
“Safe Browsing already protects more than 5 billion devices worldwide from phishing, malware, unwanted software and more. Safe Browsing evaluates more than 10 billion URLs and files every day, showing more than 3 million user alerts for potential threats,” says Google. “If we suspect the site poses a risk to you or your device, you'll see a warning with more information. By checking sites in real time, we expect to block 25% more phishing attempts. The new feature, which will be available on Android later this month, uses encryption and other privacy-enhancing techniques to ensure that no one, including Google, knows what website you're visiting.”
Google says its real-time Safe Browsing protection protects user privacy with a new API that uses Fastly Oblivious HTTP (OHTPP) relays to obfuscate the URLs of visited sites.
Users' partially hashed URLs are passed to Google's Safe Browsing engine via an OHTTP server that hides their IP addresses and mixes hash checks with those sent from other users' web browsers for additional privacy protection.
“Google does not have access to user identifiers”, and how are they? explained from the company, Google and Fastly will not be able to match user browsing with their identity, thus ensuring user privacy.