Chrome turns on real-time phishing protection (and monitoring)

The upgraded Safe Browsing feature has nearly instant alerts for dangerous sites, But Google is downplaying the privacy issues.

The upgraded Safe Browsing feature has nearly instant alerts for dangerous sites, But Google is downplaying the privacy issues.

Despite more and more tools to keep you safe, the web isn’t actually getting any safer. To counter rising threats, Google has redesigned the Chrome browser’s built-in protection scheme into the revamped Safe Browsing. This new version of the distributed defense system actively monitors the URLs your browser visits, and pops up a warning screen the second you stray into a part of the internet Google has determined is threatening. The update, which comes with a wider set of Chrome feature additions, should be live for everyone over the next few weeks.

Phishing is a particular focus of the new Safe Browsing features, as the threat is actively evolving. According to Google’s blog post, 60 percent of the domains used in these attempts to steal user data and compromise personal computers and smart devices are live for less than ten minutes before disappearing. That makes an updated local list of dangerous domains less and less useful. Google’s solution is live monitoring, which checks the current URL against the centralized threat list in real time. Google says it offers a 25 percent increase in protection from phishing and malware.

This feature was previously available in the Enhanced Protection setting in Chrome’s security menu. Active monitoring will become the default, enabled in the Standard Protection setting mode. “A real-time check will result in only the current ‘known’ verdict for the URL,” according to information from a Google PR representative.

While user protection is laudable, not everyone is thrilled by the idea of Google checking each and every URL you visit and file you download for the sake of your safety. As Bleeping Computer notes, there’s a tradeoff in privacy, as data linked to your personal Google account now potentially includes a complete history of your activity on the internet. Not just locally in a history file that you can personally delete, but remotely on a corporate server (and temporarily, at least according to Google). A lot of users may not be keen to hand over that information to one of the world’s most prolific advertisers.

Google’s PR representative stressed to me that this data is not used for ads. Google’s Safe Browsing page lists the benefits of integrating the protection scheme in Chrome, Android, Gmail, Search, and Google Ads, but has little to say on the privacy aspect of the setup. While it’s possible to disable Safe Browsing in Chrome and on your Google account, it’s turned on by default for all users./PCWorld