Google Provides Chrome Users with Enhanced Real-Time URL Security

Google Provides Chrome Users with Enhanced Real-Time URL Security

Google Provides Chrome Users with Enhanced Real-Time URL Security

Google introduced an enhanced variation of Safe Browsing on Thursday. This development aims to prevent users from accessing potentially malicious websites and offer real-time, privacy-preserving URL protection.

Google’s Jonathan Li and Jasika Bawa stated, “The Regular security setting for Chrome on desktop and iOS will compare sites in real-time to Google’s server-side list of known malicious sites.”

“As soon as we determine that a website may be hazardous to you or your device, a warning will appear with additional details. Through real-time site monitoring, we anticipate thwarting 25% more phishing attacks.”

Until now, the Chrome browser employed a locally-stored, every 30-to-60-minute-updated list of known hazardous sites, comparing each site visited to the database using a hash-based approach.

In September 2023, Google initially disclosed its intentions to transition to real-time server-side checks while maintaining the confidentiality of users’ browsing histories.

The search colossus stated that the change was necessitated by the rapid expansion of the list of malicious websites and the fact that sixty percent of phishing domains exist for less than 10 minutes, rendering them difficult to block.

“Not every device has the capacity required to keep up this expanding list, nor are they constantly capable of getting and using updates to the list at the frequency required to benefit from full security,” according to the report.

Thus, in order to determine the status of a website, the new architecture verifies the URL against the browser’s global and local caches comprising confirmed secure URLs and the findings of earlier Safe Browsing checks each time a user attempts to visit the site.

In the event that the URL being accessed is not cached, a real-time verification process is initiated wherein the URL is obscured using 32-byte full hashes. These hashes are subsequently truncated into 4-byte long hash prefixes, encrypted, and transmitted to a privacy server.

“The anonymity server eliminates possible user identifiers and transmits the encrypted hash prefixes to the Safe Browsing server via an encrypted connection using TLS that combines queries with many other Chrome users,” Google explained in detail.

Following this, the hash prefixes are decrypted by the Safe Browsing server, which then compares them with the server-side database in order to provide complete hashes of any hazardous URLs that match a hash prefix transmitted by the browser.

Ultimately, the complete hashes are compared against the complete hashes of the URL that was visited on the client side; if a match is detected, a warning message is presented.

Additionally, Google verified that the privacy server functions as an Oblivious HTTP (OHTTP) relay managed by Fastly. This relay is positioned between Chrome and the Safe Browsing server and serves the purpose of obstructing the latter’s access to users’ IP addresses. By doing so, it obstructs the safe browsing server from correlating URL checks with an individual’s internet browsing history.

“Eventually, Safe Browsing considers the hash prefixes of your URL but not your IP address, and the privacy server sees your IP address but not the hash prefixes,” according to the organization. “There is no individual party that possesses access to both your identity and the hash prefixes.” Consequently, your browsing history remains private.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space.  Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM.  Naager entered the field of content in an unusual way.  He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts.  He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field.  In the bottom line, he frequently writes for Craw Security.


Birth of a Fresh BunnyLoader Malware Variant with Modular Attack Capabilities

Italian PM Meloni Demands €100,000 in Compensation for Deepfake Adult Videos on US Porn Sites.

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Open chat
Can we help you?