A modern browser does more than just serve up webpages. Good ones protect you from malicious sites, too. Chrome calls its take on this feature Safe Browsing — and the default version of it just got a boost.
Before Thursday’s upgrade, which was announced in a Google blog post, Chrome automatically checked links against a list of known bad sites, which was kept on your device and updated every 30 to 60 minutes. This standard mode in Chrome Safe Browsing, similar to rival browsers like Firefox, allowed user traffic to remain anonymous but left room for visiting shady web pages, since the lists weren’t refreshed constantly. For real-time defense, Chrome users had to opt into Safe Browsing’s Enhanced protections. These also enabled access to AI-powered identification of malicious links and pages. The trade-off was allowing Google to directly associate you with your browsing habits, including any downloads.
This diagram created by Google shows how Chrome Safe Browsing’s standard protection mode previously worked.
This diagram created by Google shows how Chrome Safe Browsing’s standard protection mode previously worked.
This diagram created by Google shows how Chrome Safe Browsing’s standard protection mode previously worked.
Now, with the newly launched update to Chrome Safe Browsing, standard protections will also check real-time lists — without the privacy compromise, as it still encrypts the URLs during verification. When you attempt to visit a web page, the browser will first check its locally stored database of safe websites. If the URL isn’t found, then a real-time check is performed. To do this while preserving user privacy, the web address first gets encrypted, and then only select parts of the resulting hash get passed to an intermediary server. Google calls this a “privacy server.”
This privacy server, which is run by a third-party company called Fastly, strips away details like your IP address and other potential identifiers before sending the partial hash to a Safe Browsing server. These data requests are pooled together across multiple Chrome users to further anonymize them.
The Safe Browsing server decrypts the data, looks to see what full URL hashes could match that request, then sends its findings back through the privacy server to Chrome. Chrome then checks the full hash of your URL against that information, and alerts you if it discovers any matches.
This diagram created by Google outlines how Chrome Safe Browsing’s standard protection mode now works.
This diagram created by Google outlines how Chrome Safe Browsing’s standard protection mode now works.
This diagram created by Google outlines how Chrome Safe Browsing’s standard protection mode now works.
You can think of this as similar to picking a vacation destination. You decide you want to try a place called “Ghost Town Falls,” and hand that to a driver. The driver checks that location against a list of safe areas, and if there’s no match, they call up dispatch to ask if the list of dangerous sites contain any locales with the letters “gh.” Dispatch then sends over any matches found, and if “Ghost Town Falls” is part of that info, your driver tells you that maybe you should go somewhere else.
Hashes and hash prefixes are more complex than the analogy here, so the Safe Browsing servers shouldn’t be able to guess what URLs the partial hashes represent. For a fuller rundown of the technical details, you can check out the Google Security Blog’s explanation of how the new standard Safe Browsing protections work.
In that same post, Google explains that the increased pace of malicious attacks necessitates real-time checks — it says most dangerous websites are online for less than 10 minutes at a time. When lists of risky sites are only updated every 30 to 60 minutes, would-be hackers have ample time to do damage.
As for Chrome users signed up for the Enhanced version of Safe Browsing, they’ll still benefit from additional protections. Standard Safe Browsing will only block websites known to be unsafe. Enhanced Safe Browsing will also block pages suspected to be untrustworthy, based on analysis performed by AI (in this case, machine learning). It also scans files and Chrome extensions. As before, Enhanced protections are opt-in within Chrome’s settings (Privacy and Security > Security).
With this upgrade, Chrome has raised the bar for its competition—but using an improved web browser will be just one portion of your online security. These days, setting up layers of protection is the smart way to go. Antivirus software also screens for malicious and phishing websites, and should anything slip through, a good suite will catch it fast. (That includes Windows’ built-in protections, too, though you’ll need turn on features like ransomware protection.) Two-factor authentication keeps an account locked even if your password is stolen or guessed. A password manager lets you use random and unique passwords to prevent people from cracking your passwords (or succeeding at login if they figure out one and start trying it across the web). And of course, having backups of your PC and its files lets you quickly restore your system if you have to start over.
It’s more work than in the early years of the internet, but it’s now unfortunately necessary. Security experts say the speed of attacks and malicious behavior will continue to increase, and so you should be prepared.
Author: Alaina Yee, Senior Editor, PCWorld
A 14-year veteran of technology and video games journalism, Alaina Yee covers a variety of topics for PCWorld. Since joining the team in 2016, she’s written about CPUs, Windows, PC building, Chrome, Raspberry Pi, and much more—while also serving as PCWorld’s resident bargain hunter (#slickdeals). Currently her focus is on security, helping people understand how best to protect themselves online. Her work has previously appeared in PC Gamer, IGN, Maximum PC, and Official Xbox Magazine.