Google made changes to Google Chrome’s secure browsing

Google Safe Browsing gives you a bright red warning before letting you visit a dangerous page. Meanwhile, Google is updating the way Safe Browsing works in Chrome so that it is less disruptive and more efficient “without a degradation of security posture”.

Google made changes to Google Chrome’s secure browsing

The current Safe Browsing approach means that “users cannot view pages until checks are complete”.

While this works well for local checks, such as those performed using the Safe Browsing API v4, it can increase latency for checks performed directly with the server.

Chrome 122, which arrives next week, introduces an “asynchronous mechanism. This allows websites to load even when real-time checks with Safe Browsing servers are ongoing.” This reduces the total page loading time. If nothing is found, you can browse normally. However, when something is found, the full page warning appears.

In terms of preventing phishing and social engineering attacks, Google states that it is “extremely unlikely that a user has meaningfully interacted (e.g., entered a password) with that site at the time the warning appears.” He came to this conclusion after studying the weather data.

Furthermore, this new approach will allow Google to “experiment and implement new algorithms based on AI and ML to detect and block more phishing and social engineering attacks”. All without the risk of delaying page loading.

Chrome will continue to maintain a “local Safe Browsing list of some sites that are known to provide browser exploits” that is checked synchronously.

However, Safe Browsing “previously checked both top-level URLs and sub-resources.” The latter was used to “distribute malware and exploit browsers on a large scale”, but that is no longer the case.

As such, Safe Browsing in Chrome will no longer check subresource URLs. Google has other security measures in place. This includes a “client-side visual ML model [que] can detect images used to create phishing pages.”

Likewise, Google has “dramatically reduced how often Chrome contacts Safe Browsing to verify PDF transfers.” This is at the level of “billions of times less per week” – given that the file format is no longer being widely explored. Chrome’s PDF viewer is sandboxed. The malicious PDFs that exist use web links that send users back to Chrome’s protections.