Google Safe Browsing now performs real-time checks in privacy-preserving manner


Google has announced a new way to further protect its privacy-minded users who are browsing using Google Safe Browsing, which is a Google Search setting that warns users when they may be entering a potentially dangerous site. 

While it has warned users about harmful sites across 5 billion devices since its launch 15 years ago, Google says that over time unsafe sites have adapted to get around Safe Browsing. For most of its existence, Safe Browsing has worked by discovering unsafe sites and adding them to a list, so that when a user tries to visit a site, it first checks if the site is on that list and warns the user if it is. 

However, the list is only updated every 30 to 60 minutes, while most unsafe websites today have a shorter lifespan than that, which allows them to avoid detection long enough to get people to click on them. 

With the latest update, Google is introducing real-time protection to the Standard protection mode. It was previously available only in Enhanced mode. 

With this new real-time protection mode, unsafe sites are added to the list as soon as they are discovered. It will first check to see if the site is on the unsafe list, and if it doesn’t, it performs a check at that moment. 

According to Google, it does this in a privacy preserving way by converting the URL into 32-byte full hashes, and sending the hash prefixes to a privacy server to remove information that could be used to identify the user before sending it over to the Safe Browsing server.

“Ultimately, Safe Browsing sees the hash prefixes of your URL but not your IP address, and the privacy server sees your IP address but not the hash prefixes. No single party has access to both your identity and the hash prefixes. As such, your browsing activity remains private,” researchers from Google Chrome Security and Google Safe Browsing wrote in a blog post

Once in the Safe Browsing server, the hash prefixes are decrypted and matched against the server-side database, which provides the full hashes of any matches. This allows Chrome to show a warning for that site without compromising user privacy. 



Source link