developers.google.com/safe-browsing/ is good documentation on how the Safe Browsing API used by browsers (Chromium, Firefox, Safari, etc.) works. It searches a database based on a truncated hash (4 bytes) of a canonicalized URL. It leaks some information, but doesn't send URLs directly.
Conversation
Safe Browsing isn't currently supported by GrapheneOS and won't be enabled by default with the standard approach. It leaks too much. I haven't done anything to intentionally break it and wouldn't mind it as an optional feature, but the default mobile approach uses Play Services.
2
4
Some work would need to be done to set up the alternate mobile implementation. Enumerating badness is not a workable approach to security so this hasn't been a priority. I also don't think the attempt at providing privacy is good enough. How large is the entire database anyway?
1
3
I'm curious if it's feasible to just regular scrape the entire Safe Browsing database and then download the full database from a GrapheneOS server on a regular basis. The standard approach seems to trend towards that anyway... and updates to the database can be done via deltas.
Replying to
Perhaps, but I'd just not support it. Concept of trusting Google to decide if sites are malicious is bogus.
1
2
If they have browser attacking malware, you should be pulling browser update not vulnerable rather than updating safe browsing list. If it's just phishing sites, meh.
1
Show replies
Replying to
One could argue that Safe Browsing still leaks less information than for example the HIBP integration in recent Firefox versions (first 5 bytes of a SHA1).
So sad that bloom filters or comparable offline solutions don't scale to the number of entries required… :/
Replying to
Quote Tweet
