Google enables real time checks in Chrome's Safe Browsing security feature

Martin Brinkmann
Sep 8, 2023
Updated • Sep 19, 2023
Google Chrome

Google announced a range of new features and changes for its Chrome web browser to celebrate the browser's 15th birthday. Among the changes are a bit of fresh paint for the browser's interface, a redesigned Chrome Web Store for browser extensions, the sidebar search feature, and also a change to how Safe Browsing works.

Safe Browsing is a security feature that is designed to protect Chrome users from opening websites that Google considers dangerous. It is like an antivirus program, but for the browser. Safe Browsing is also informing webmasters about issues, as some issues may be the result of hacks or modifications that the webmaster is unaware of.

Up until now, Chrome downloaded new Safe Browsing information from Google regularly. Google speaks of 30 to 60 minute intervals.

Soon, Chrome will switch to real time checks. Google notes that cyber criminals have become more sophisticated. About 60% of phishing domains, for example, exist for only 10 minutes according to Google.

The old update interval is too slow to protect users against these fast attack threats. Google estimates that the switching to real time checks will improve protections against malware and phishing by 25%.

The update will roll out in the next couple of weeks to the entire Chrome population.

Third-party browsers that use Safe Browsing

Chrome is not the only web browser that uses Safe Browsing. Many Chrome browsers do as well, and so does Mozilla's Firefox web browser. The change may affect some browsers, especially those that download the lists frequently, but it is unclear at this point.

Some browsers, like Brave Browser, proxy requests to Google Safe Browsing to protect the IP addresses of their users.

We asked Mozilla and Brave Software for statements regarding the change and will update the article once we have received replies.

A spokesperson for Mozilla provided the following statement regarding the change: "There is no impact to Firefox users. Chrome uses v5, and we use v4 that remains maintained."

Brendan Eich provided the following statement: "Google’s SBv5 preserves the privacy properties we rely on. In particular, URLs are not sent to a server (unlike in Microsoft's equivalent system). We plan to enable in Brave, but not before Chrome finishes their roll out and we set up proxies to protect our users' IP addresses."

Microsoft maintains its own list and uses it for protection in its Edge web browser.

Closing Words

Regardless of whether the Safe Browsing checks happen against a locally downloaded list or online in real-time, Google is aware of them in Google Chrome. For users, it improves security as Safe Browsing protection's against malicious sites that are pulled quickly by their creators are improved.

Now You: are real time checks a step in the right direction?

Article Name
Google enables real time checks in Chrome's Safe Browsing security feature
Google is changing Google Chrome's Safe Browsing feature from 30-60 minutes updates to real time checks.
Ghacks Technology News

Previous Post: «
Next Post: «


  1. Anonymous said on September 17, 2023 at 11:38 pm

    From Google’s blog, “we’re upgrading the Standard protection mode of Safe Browsing so it will now check sites against Google’s known-bad sites in real time, without sharing your browsing history with Google”

    I could not find the technical details for the changes. Before, the system was rather private for URL checks, and very invasive for downloads checks, and the same was true for all browsers using safebrowsing, including Firefox.

    For URLs, a remote check was done only if the (truncated hash of the cleaned) URL was found in the locally downloaded blacklist, so not all visited URLs were sent to Google (well in an older past they were doing something like that, awful for privacy, but they stopped, although not for privacy reasons, but because they were getting too many requests). And even that remote check was only sending the truncated hash of the cleaned (query parameters removed…) URL, so the actual URL was likely not inferable by Google, although that’s not fully obvious.

    For downloads, in most of the cases, remote checks are done, including even non binaries: Google knows who downloads what, when, from where. When questioned about that part, embarassed Mozilla employees were caught lying that this is not how it works and deflecting the attention to the URL part to pretend that there is a technical privacy protection included. So it’s hard to make that part worse. Maybe possible by including 100% of the downloads ?

    I suspect that they changed only the URL part because the downloads part was already real time. They claim not to share the browsing history with Google. My guess is that they send a truncated hash of all (cleaned) URLs visited in real time. Even assuming that the original system was really private, this one may make it easier to reconstruct the URLs by looking at several hashes in a sequence.

    My fear is that this new system propagates to all other browsers. Some of them insisted a lot on the privacy properties to let users accept Google safebrowsing as a default (that sometimes can’t even be disabled, like on mobile Firefox), and now the backstabbing of checks no longer being mostly local, and many interested users will probably not even hear about it. Even if one is ready to believe that Google can’t reconstruct browsing histories, pinging Google for every visited URL might not feel tasty to many privacy conscious users.

  2. npp said on September 9, 2023 at 12:01 pm

    Useless shit, Google Safe Browsing always give false positive, what is the point of relying on such garbage ?

  3. owl said on September 9, 2023 at 2:09 am

    Article subject: Google enables real time checks in Chrome’s Safe Browsing security feature

    Even if it is “common sense” for those who subscribe (can do) to, the reality is from the best to the worst, and many people have no more than a “stupid monkey” ability.
    I’m not making fun of them, but the current state of the web is forcing them to do this.

    The Web now covers every corner of the globe, and everyone can enjoy its benefits.

    However, literacy rates are low in much of the world, and there are people who cannot read or write even their own language. Furthermore, the native language support rate is low, so they are just using it by imitating what they see.

    By the way, in Japan, which is said to be an IT powerhouse, the current government has made it mandatory for all citizens to use the web version of the My Number Portal Card. All citizens include men and women of all ages, from newborn children to those living in a hospital in a persistent vegetative state.

    Considering the reality of such a world, Google’s an expedient is not necessarily “unreasonable”.

    The above is a general statement, but in my opinion (and probably many of’s subscribers),
    this topic (the example in the article) is a type of espionage, and it can be used for the benefit of the surveillance and control society.
    “Security feature” is a risk that Because it is in also matches with the Japanese government’s intentions (to monitor and control all citizens), and as a result, there is a danger that individual rights will be taken away and a fate oppressed by the rulers.

    “Security functions” are used to the advantage of the rulers, and we, the users, will inevitably be disadvantaged.

    1. owl said on September 9, 2023 at 5:09 am

      The “web version of the My Number Portal Card” links all public services (such as obtaining and renewing passports and driver’s licenses, use of medical services, receiving pensions), and personal income and expenditures, etc, for people living in Japan to a digital ID card.
      The current ruling party has used its power to legislate the requirement, but the refusal rate is 40%, and the system has stopped functioning due to continued troubles.

      In the first place, not everyone is “web-savvy”, so there is a serious risk no different than “play with fire”.
      More than anything, the original purpose (a means of monitoring and controlling the entire population) is It violates individual rights.

  4. 11r20 said on September 8, 2023 at 9:12 pm

    I stay away from everything the ‘mountain-view-crowd’ has ever created or creates…including e100 networks.

    Not everyone wants to be ‘googled-up’ with endless tracking,
    redirects and censorship.

    One should take the responsibility to monitor & research their own network connections.

  5. Andy Prough said on September 8, 2023 at 5:46 pm

    “Dear Plebes, The internet is so dangerous that unless we monitor you every moment including everything that you say and do and everywherre you go, and who you spend time with and where you spend your money, then unfortunately the bad people will get inside your phone and your computer and will ruin your life. You’re Welcome. Sincerely, your Google Overlords”

    1. owl said on September 9, 2023 at 4:04 am

      @Andy Prough,

      I like your witty and sarcastic comments.
      A biting, but that’s spot on.

      1. Andy Prough said on September 9, 2023 at 10:20 pm

        I was just trying to translate it from Google-speak to plain English. Unfortunately I think that the English language fails to fully capture the complete disdain the Google Overlords have for the users of their products.

  6. basicuser said on September 8, 2023 at 5:27 pm

    This article is about Chrome, but don’t forget Google Safebrowsing is integrated into “independent” Firefox.

    1. Cor Invictus said on September 9, 2023 at 1:10 pm

      You just go to about:config, type “google” and delete/deactivate anything.
      In Brave you set to “No protection” in brave://settings/security, and you can also enable the flag: “Override download danger level” but only if you have strong browsing discipline.

    2. owl said on September 9, 2023 at 4:28 am

      > Google Safebrowsing is integrated into “independent” Firefox.

      Your point is correct, but they can be completely “opted out”.
      In the case of Chrome, it is unclear what will happen each time it is updated.

      In the first place, the user level is different.
      While most Chrome users stick with the defaults (they’re mechanically ignorant and don’t have the ability to customize), Brave and Firefox or others users have the ability to “tweak things to own liking.”
      The reality is that they are “similar but different”.

      1. Anonymous said on September 17, 2023 at 10:50 pm

        “Your point is correct, but they can be completely “opted out”.”
        “While most Chrome users stick with the defaults (they’re mechanically ignorant and don’t have the ability to customize), Brave and Firefox or others users have the ability to “tweak things to own liking.””

        Not on mobile, no.

  7. Tony said on September 8, 2023 at 3:45 pm

    So basically they are upgrading to real-time spyware. Got it. Glad I don’t use Chrome.

  8. ECJ said on September 8, 2023 at 2:27 pm

    The problem with companies like Google, Facebook and Microsoft running things, is they are advertising companies and advertising companies are unscrupulous f*ckers who repeatedly keep getting caught doing scummy things to consumers in order to make a few extra bucks.

    So when it comes to security features, although they may be seemingly beneficial to end users, a lot of people do not want to enable the features because the companies behind them are untrustworthy and will find a way to abuse the data. Lax legislation and regulation of these advertising companies is actively harming consumers.

  9. John said on September 8, 2023 at 2:08 pm

    My issue with this is not about the security benefits of this active protection. But that Google is mandating it and does not offer a opt out if a user choses not to use the service which does send web site information to Google. It does raise privacy questions for web browsers like Firefox and Brave. I realized once I saw Google pushing to enable Enhanced security that this would soon replace every other option. No thanks Google I think users need a way to turn this feature off.

    1. Martin Brinkmann said on September 8, 2023 at 2:31 pm

      John, you can switch to “No Protection” in Chrome chrome://settings/security, which appears to turn off Safe Browsing in Chrome.

      1. Karl said on September 8, 2023 at 4:05 pm


        I only reply to your comment so that you might see my comment, tried to find a contact email directly to you but came up empty handed. It is about if you feel like making one of your little add-on reviews that you do every now and then. They are often about add-ons that few have heard about but that many find useful, perhaps this could be one of those. I have not tested the add-on myself yet so I don’t know if it works as expected or not, I found it last week during my search on how to get around this as the constant popups never ends.
        And adding blocking rules (the few I came across during my search) to e.g uBO seem to have little to no effect at all, at least not without creating side-effects causing problems with how the pages loads in the browser.

        It is regarding:

        Take care and have a nice weekend!

  10. Cor Invictus said on September 8, 2023 at 1:58 pm

    In order to understand the scam, one has to carefully read the words they use: “might”, potentially”, “may”. Meaning that they don’t know for sure if there is a real threat, but are using fear mongering tactics to deceive. Because you’d rather let Google know than some boogeyman/monster, right!.
    Exploiting people’s fears, that’s what it is.

  11. TelV said on September 8, 2023 at 12:34 pm

    I use Floorp which is a fork of Firefox. Floorp also includes many additional safety features including the ability to bypass the requirement on some webpages to “signup…” in order to continue reading a given article.

    Apart from that, I’ve switched to using as my default search engine now which takes its results from Google, but without having to accept the usual tracking requirements associated with Google. You can add it easily to Floorp / Firefox with this addon by Tom Schuster “

    Malwarebytes Premium takes care of any malware sites that might escape the filters.

    1. Karl said on September 8, 2023 at 3:38 pm

      Hi, regarding…

      “Floorp also includes many additional safety features including the ability to bypass the requirement on some webpages to “signup…” in order to continue reading a given article.”

      Could you give an example of a website where this works? The occassions when I need to try a few “tricks” when I need to access 1 article only, all seem to fail. It includes changing the user agent string using the add-on User-Agent Switcher or the add-on Bypass Paywalls Clean, so far I have not come across any site where any of them have worked.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.