Top Qs
Timeline
Chat
Perspective
Google Safe Browsing
Service that warns about malicious URLs From Wikipedia, the free encyclopedia
Remove ads
Google Safe Browsing is a service from Google that warns users when they attempt to visit a dangerous website or download dangerous files. As a core part of the service, Google maintains lists of URLs that contain malware or phishing content.[1][2] This protection works across Google products, and Google says it "power[s] safer browsing experiences across the Internet".[3] Google provides public APIs for the service.[4] Web browsers including Google Chrome,[5] Safari,[6] Firefox,[7] Vivaldi, and Brave use Google Safe Browsing to check pages against potential threats.[8]
Google uses its Safe Browsing data to notify webmasters when their websites are compromised by malicious actors and helps them resolve the problem.[3][9] Google also provides Safe Browsing information to Internet service providers by sending email alerts to autonomous system operators regarding threats hosted on their networks.[2]
As of September 2017, over 3 billion Internet devices used this service.[10] Alternatives are offered by both Tencent and Yandex.[11]
Remove ads
History
Google started working on Safe Browsing in 2005 as anti-phishing software.[12] Early versions included a browser extension for Firefox and labels for potentially malicious websites in Google Search results.[12] Google released its first Safe Browsing API for third-party applications in 2007.[13] Google integrated Safe Browsing into Chrome in 2008 and into Android and Google Play in 2011–2012.[12]
Remove ads
Privacy
Summarize
Perspective
Google Safe Browsing has been criticized for allowing Google to track users’ browsing behavior. Initial versions of Safe Browsing required the browser to transmit full URLs of websites to be checked, meaning that potentially all visited websites could be logged by Google. Additionally, in 2012, it was discovered the Safe Browsing integration into Apple's Safari web browser added a third-party cookie visible to Google for Safari users, even if they had not visited Google websites.[14]
Google now offers the "Update" API in addition to the "Lookup" API, using which the browser supplies part of a cryptographic hash of the URL in question, and Google responds with a set of matching URLs in its database. The browser is expected to cache these responses to avoid duplicate requests.[15] Since partial hashes are sent, the individual websites visited by the user cannot be identified from a request.
However, knowledge of the requesting IP address potentially allows detecting categories of websites or browsing behavior such as visiting multiple of a single company's websites or a group of related websites with high confidence.[16] Apple began anonymizing user IPs for Safe Browsing requests in the iOS version of Safari using a proxy server in 2021, which hides the true IP from Google, preventing cross-request correlation.[17] Google also started offering Oblivious HTTP access to its version 5 Safe Browsing API, which hides the requesting IP address.[18]
This functionality is used by Google’s own Chrome web browser for accessing Safe Browsing,[19] although Chrome also offers additional protection mechanisms beyond the Safe Browsing API available to third-party vendors.[20]
Remove ads
Criticism
In 2012, a security research company reported evidence that Google provided a more effective Safe Browsing service to Google Chrome users, compared to Firefox and Safari users.[21]
Websites that do not otherwise contain malware have been blacklisted by Google Safe Browsing due to the presence of infected display ads. Requesting removal from the blacklist requires the webmaster to create a Google Search Console account and wait several days for removal from the blacklist.[22]
There have also been concerns that Google Safe Browsing could be used for censorship, however as of 2016 this had not happened.[23][24]
See also
References
External links
Wikiwand - on
Seamless Wikipedia browsing. On steroids.
Remove ads