Chrome's new Real-Time Protection feature explained
Google announced this week that it is introducing real-time Safe Browsing checks in Chrome for default configurations. Safe Browsing is a protective feature that supports two modes in Chrome: the default option uses a list of flagged URLs that Chrome downloads periodically to determine the safety of a site. The second option, called Enhanced Protection, sends URLs to Google already for checking.
The change, which is rolling out in the coming weeks, enables real-time checks for the Standard Protection feature as well. Google explains that this step is necessary, as cyber criminals run operations regularly that are set up and disabled in mere minutes.
The traditional Safe Browsing downloads definitions every 30 to 60 minutes, which sometimes resulted in reported sites having been pulled already before the information about them landed in Chrome.
Standard and enhanced real-time checks differ significantly though. Google made no mention of this in the announcement, but we have been told that the new functionality uses Fastly Oblivious HTTP Relays. This has also been confirmed by our colleagues over at Bleeping Computer, who were informed by Google Chrome product manager Jasika Bawa about it.
Google entered a partnership with Fastly in March 2023 to use Fastly's Oblivious HTTP relay for the Privacy Sandbox feature in Google Chrome. The main idea behind using the relays is to improve privacy for users by sending "partially hashed URLs" to Google's Safe Browsing engine. Personal information about users, such as the device's IP address or header information, is not submitted to Google as a consequence.
Google's Safe Browsing checks the submitted data against its database in real-time and returns to the browser whether the submitted URL should be blocked or not.
The lack of related data, such as metadata, prevents heuristic examinations of submitted addresses, however. In other words, the URL needs to have been flagged previously and added to Google's Safe Browsing database before it can protect Chrome users from opening that URL. Enhanced Protection does not have this limitation, as it submits more data to Google.
Google told Bleeping Computer that it is not using the data sent to Google servers for unrelated features, including advertisement.
Chrome users may also disable Safe Browsing in the Chrome web browser, but this is only advised if another form of protection is available.
Now You: Do you use Chrome and/or Safe Browsing?Advertisement