Google announced a major change to its Safe Browsing feature in Chrome today, which will make the service work in real time by checking a server-side (Google) list, all without sharing your browsing habits with the company (if there are any left that it doesn't already know).
Before, Chrome would download a list of known sites that host malware, unwanted software and phishing scams once or twice an hour.
Now, Chrome will adopt a system that will send the URLs you visit to the company's servers and check them against a list that is updated instantly. The advantage is that you no longer have to wait up to an hour for an updated list, which matters because, as Google reports, the average malicious website doesn't exist for more than 10 minutes.
The company claims that this new system can catch up to 25 percent more phishing attacks compared to using local lists. These local lists have also grown in size, putting more strain on low-end machines as well as low-bandwidth connections.
Google is rolling out this new system to desktop and iOS users, with support for Android devices coming later this month.
Google seems to be going to great lengths to explain how this real-time system can work without sharing your browsing data with the company. Here's how Google describes this process:
When you visit a site, Chrome first checks its cache to see if the address (URL) of the site is already known to be safe (see the “Staying speedy and reliable” section for details).
If the visited URL is not in the cache, it may be unsafe, so a real-time check is necessary.
Chrome obfuscates the URL by following the URL hashing guidance to convert the URL into 32-byte full hashes.
Chrome truncates the full hashes into 4-byte long hash prefixes.
Chrome encrypts the hash prefixes and sends them to a privacy server.
The privacy server removes potential user identifiers and forwards the encrypted hash prefixes to the Safe Browsing server via a TLS connection that mixes requests with many other Chrome users.
The Safe Browsing server decrypts the hash prefixes and matches them against the server-side database, returning full hashes of all unsafe URLs that match one of the hash prefixes sent by Chrome.
After receiving the unsafe full hashes, Chrome checks them against the full hashes of the visited URL.
If any match is found, Chrome will show a warning.
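The hash-prefix lookup in the steps above, as an added Python example (not code from Google or from the original article). It assumes the 32-byte full hashes are SHA-256, uses a simplified form of the URL expression generation with no canonicalization, and leaves out the encryption and privacy-server hop; the URLs and blocklist entries are constructed.

```python
import hashlib
from urllib.parse import urlsplit

def sha(expr):
    return hashlib.sha256(expr.encode()).digest()   # 32-byte full hash

def expressions(url):
    """Host-suffix/path-prefix combinations (simplified, no canonicalization)."""
    parts = urlsplit(url)
    host, path = parts.hostname or "", parts.path or "/"
    labels = host.split(".")
    # Full host plus shorter suffixes, never the bare top-level label.
    hosts = [host] + [".".join(labels[i:]) for i in range(1, len(labels) - 1)]
    segs = [s for s in path.split("/") if s]
    # "/" and each directory prefix, then the exact path and path+query.
    paths = ["/"] + ["/" + "/".join(segs[:i]) + "/" for i in range(1, len(segs))]
    if path not in paths:
        paths.append(path)
    if parts.query:
        paths.append(path + "?" + parts.query)
    return [h + p for h in hosts for p in paths]

def full_hashes(url):
    return {sha(e) for e in expressions(url)}

def hash_prefixes(url):
    return {h[:4] for h in full_hashes(url)}         # all that leaves the browser

def server_lookup(unsafe_db, prefixes):
    """Toy server: sees only prefixes, returns unsafe full hashes sharing one."""
    return {h for h in unsafe_db if h[:4] in prefixes}

def is_unsafe(url, unsafe_db):
    returned = server_lookup(unsafe_db, hash_prefixes(url))
    return bool(returned & full_hashes(url))         # final match is done locally

# Constructed sample data (not real Safe Browsing entries).
BAD = "http://login.bad.example/a/verify.html?x=1"
GOOD = "http://shop.good.example/cart"
# Synthetic entry sharing a 4-byte prefix with GOOD but with a different full hash.
COLLIDER = sha("shop.good.example/cart")[:4] + bytes(28)
UNSAFE_DB = {sha("bad.example/a/"), COLLIDER}

if __name__ == "__main__":
    for u in (BAD, GOOD):
        hits = server_lookup(UNSAFE_DB, hash_prefixes(u))
        print(u, "server returned", len(hits), "-> warn:", is_unsafe(u, UNSAFE_DB))
```

The second URL shows why the last comparison happens in the browser: the server returns a full hash for the shared prefix, but it does not equal any full hash of the visited URL, so no warning is shown.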