Google Safe Browsing

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Google Safe Browsing
Google Safe Browsing.svg
Screenshot of the Google Safe Browsing in an Android device blocking a deceptive site.
Screenshot of the Google Safe Browsing in an Android device blocking a deceptive site.
Original author(s) Google
Developer(s) Google
Operating system Android, Chrome OS, Windows, macOS, iOS, Web browsers
Type Internet security

Google Safe Browsing is a blacklist service provided by Google that provides lists of URLs for web resources that contain malware or phishing content.[1][2] The Google Chrome, Safari, Firefox, Opera, Vivaldi, and GNOME Web browsers use the lists from the Google Safe Browsing service for checking pages against potential threats.[3][4] Google also provides a public API for the service.[5]

Google also provides information to Internet service providers, by sending e-mail alerts to autonomous system operators regarding threats hosted on their networks.[2]

According to Google, as of June 2012, some 600 million Internet users were using this service, either directly or indirectly.[6]

Clients protected[edit]


Google maintains the Safe Browsing Lookup API, which has a privacy drawback: "The URLs to be looked up are not hashed so the server knows which URLs the API users have looked up". The Safe Browsing API v3, on the other hand, compares 32-bit hash prefixes of the URL to preserve privacy.[7][8] The Firefox and Safari browsers use the latter.[9]

Safe Browsing also stores a mandatory preferences cookie on the computer[10] which the US National Security Agency allegedly uses to identify individual computers for purposes of exploitation.[11]

Google Safe Browsing "conducts client-side checks. If a website looks suspicious, it sends a subset of likely phishing and social engineering terms found on the page to Google to obtain additional information available from Google's servers on whether the website should be considered malicious". Logs, "including an IP address and one or more cookies" are kept for two weeks. They are "tied to the other Safe Browsing requests made from the same device."[12]

See also[edit]


  1. ^ Barry Schwartz (May 23, 2008). "Google's Safe Browsing Diagnostic Tool". Search Engine Land. Retrieved 2012-09-01. 
  2. ^ a b Lucian Constantin (Dec 2, 2011). "Google Safe Browsing Alerts Network Admins About Malware Distribution Domains". Retrieved 2012-09-01. 
  3. ^ "Firefox Phishing and Malware Protection". Mozilla Foundation. Retrieved 2012-09-01. 
  4. ^ "Phishing and malware detection". Google. Retrieved 2012-09-01. 
  5. ^ "Safe Browsing API". Google. Retrieved 2012-09-01. 
  6. ^ Chris Richardson (June 19, 2012). "Google Discusses Its Safe Browsing Record". WebProNews. Retrieved 2012-09-01. 
  7. ^ "Developer's Guide (v3)". Google Developers. 18 March 2015. 
  8. ^ "Safe Browsing API - Google Developers". Google Developers. 18 March 2015. 
  9. ^ Ed Bott. "Did Google withhold malware protection details from partners?". ZDNet. 
  10. ^ "Cookies from Nowhere". Ashkan Soltani. 
  11. ^ "NSA uses Google cookies to pinpoint targets for hacking". The Washington Post. Retrieved 2014-06-10. 
  12. ^ "Google Chrome Privacy Whitepaper". 

External links[edit]