Chrome 改进恶意网站阻止机制:将在云端实时分析 URL

软餐获悉,Google 为 Chrome 的安全浏览(Safe Browsing)推出了一种新的恶意 URL 阻止机制——在新版本下,URL 不再在本地进行分析,而是会被匿名发送到 Google 的服务器以进行实时分析。Google 认为这种实时分析机制更安全。在当前的安全浏览模式下,当用户访问一个网站时,URL 将通过该本地的已知不安全域名列表进行检查。Google 每 30 至 60 分钟基于哈希更新该本地列表。通过这种方式,如果用户访问一个已知是钓鱼域或恶意软件供应商的 URL,他们将收到警告。Google 表示,该系统更注重隐私保护,并有助于浏览器的效率,但也有点过时。因为大多数此类域名通常在十分钟内就会被下线。该公司写道:” 这意味着在已经更新本地已知不安全网站列表的时候,其中许多网站已经逃过了检查。” 新的机制实现了实时分析,同时 Google 会采取多项措施确保数据匿名,包括 URL 会进行哈希处理,并删除其中的可能标识符,Google 只对哈希进行比较。此外,哈希不会在其自己的服务器上进行分析,而是通过 Fastly 的服务器进行,以防止 Google 获取潜在的标识符,如 IP 地址和用户代理。这一功能将为 Chrome 移动版和桌面版的所有用户默认启用。

Google has introduced a new mechanism for blocking malicious URLs in Chrome’s Safe Browsing feature. In the new version, URLs are no longer analyzed locally but are anonymously sent to Google’s servers for real-time analysis. Google believes that this real-time analysis mechanism is more secure. In the current Safe Browsing mode, when users visit a website, the URL is checked against a local list of known unsafe domains. Google updates this local list every 30 to 60 minutes based on hashes. This allows users to be alerted if they visit a URL that is known to be a phishing domain or malware supplier.

According to Google, this system prioritizes privacy protection and helps improve the efficiency of the browser, but it is also somewhat outdated. Most of these domains are often taken offline within ten minutes. The company states, “This means that by the time the local list of known unsafe sites is updated, many of them have already slipped through.”

The new version of Safe Browsing addresses this issue by not analyzing URLs locally but by forwarding them to Google itself. This enables real-time analysis of the URLs. Google assures that it has taken several measures to ensure the anonymity of the data. The URL is hashed, and potential identifiers are removed. Google only compares the hashes with each other.

According to Google, the hashes are not analyzed on their own servers but through servers provided by Fastly, preventing Google from accessing potential identifiers such as IP addresses and user agents. This functionality will be enabled by default for all users of the mobile and desktop versions of Chrome. 分享



您的电子邮箱地址不会被公开。 必填项已用 * 标注