Chrome's new Real-Time Protection feature explained
Google announced this week that it is introducing real-time Safe Browsing checks in Chrome for default configurations. Safe Browsing is a protective feature that supports two modes in Chrome: the default option uses a list of flagged URLs that Chrome downloads periodically to determine the safety of a site. The second option, called Enhanced Protection, sends URLs to Google already for checking.
The change, which is rolling out in the coming weeks, enables real-time checks for the Standard Protection feature as well. Google explains that this step is necessary, as cyber criminals run operations regularly that are set up and disabled in mere minutes.
The traditional Safe Browsing downloads definitions every 30 to 60 minutes, which sometimes resulted in reported sites having been pulled already before the information about them landed in Chrome.
Standard and enhanced real-time checks differ significantly though. Google made no mention of this in the announcement, but we have been told that the new functionality uses Fastly Oblivious HTTP Relays. This has also been confirmed by our colleagues over at Bleeping Computer, who were informed by Google Chrome product manager Jasika Bawa about it.
Google entered a partnership with Fastly in March 2023 to use Fastly's Oblivious HTTP relay for the Privacy Sandbox feature in Google Chrome. The main idea behind using the relays is to improve privacy for users by sending "partially hashed URLs" to Google's Safe Browsing engine. Personal information about users, such as the device's IP address or header information, is not submitted to Google as a consequence.
Google's Safe Browsing checks the submitted data against its database in real-time and returns to the browser whether the submitted URL should be blocked or not.
The lack of related data, such as metadata, prevents heuristic examinations of submitted addresses, however. In other words, the URL needs to have been flagged previously and added to Google's Safe Browsing database before it can protect Chrome users from opening that URL. Enhanced Protection does not have this limitation, as it submits more data to Google.
Google told Bleeping Computer that it is not using the data sent to Google servers for unrelated features, including advertisement.
Chrome users may also disable Safe Browsing in the Chrome web browser, but this is only advised if another form of protection is available.
Now You: Do you use Chrome and/or Safe Browsing?
Martin, why is this Sep. 10 article the last on your RSS feed? It’s Sep.28th now and no updates since this article.
Please check https://www.ghacks.net/feed/ in your browser and let me know if you see newer articles.
Don’t and won’t use Chrome.
I use Firefox with security/privacy dialed up to 11, plus VPN-level filtering DNS filtering (Mullvad, recommended) for browsing, and unGoogled Chromium in out-of-the-box configuration (other than adding permanent incognito mode) for things like bank and government sites that don’t play well with FF.
“Google told Bleeping Computer that it is not using the data sent to Google servers for unrelated features, including advertisement.”
Then she said she’d call me…
Notice that it doesn’t say anything about Google not using its vast database of fingerprinted users to match against these submissions, or of using that data for advertising. That’s what companies pay ad dollars to Google for, they wouldn’t want the partially obscured hashes anyway, just the matches with the fingerprinted users.
Speaking of Chrome, it will soon be possible to read articles aloud (just like in Edge):
https://twitter.com/Leopeva64/status/1699819568854667651?s=20
Chrome will also have an option to make the theme color match the Windows accent color:
https://twitter.com/Leopeva64/status/1700706765904503139?s=20
.
I don’t use Chrome much anymore. I don’t even maintain a Google account as I don’t like Google calling the shots for all of the internet. We already have majority of browsers using Chromium which is highly influenced by Google and now Microsoft. It will be interesting to see what Firefox and Brave chose to do with this enhanced browser security function.
ghacks.net/2023/08/23/firefox-users-may-import-chrome-extensions-now/