[Pkg-chromium-maint] Bug#783999: Should not disable "safe browsing" mechanism

Josh Triplett josh at joshtriplett.org
Sun Jun 21 04:09:37 UTC 2015


On Sat, Jun 20, 2015 at 11:35:30PM -0400, Michael Gilbert wrote:
> On Sat, Jun 20, 2015 at 9:54 PM, Josh Triplett wrote:
> > On Sat, Jun 20, 2015 at 09:39:08PM -0400, Michael Gilbert wrote:
> >> > From the changelog:
> >> >
> >> >  [ Shawn Landden ]
> >> >    * Supress first run welcome page.
> >> >    * Turn off safebrowsing.
> >> >    * Turn off pinging Google on 404 and other HTTP errors.
> >>
> >> That change disables the setting by default, but the user can still
> >> manually go into the preferences and enable it.  My opinion is that
> >> this is the correct default behavior.
> >
> > As noted in my original mail, the safe browsing mechanism does not
> > consult a third-party service for every URL, but rather checks URLs
> > against a periodically-updated filter.  See
> > https://www.google.com/chrome/browser/privacy/whitepaper.html#malware
> 
> That link also says that information is indeed sent out.  Until
> someone does a detailed code audit, I think this is the safer default.

The algorithm works the same way it does in Firefox.  In both cases, the
browser downloads a Bloom filter, runs URLs through that filter, and
*if* the filter indicates a URL as unsafe, the browser sends a partial
hash of the site (32 bits of SHA256) and gets back a precise list of
matching URLs and corresponding information.  See
http://kb.mozillazine.org/Safe_browsing for Mozilla's explanation of the
implementation in Firefox.

So, it makes no sense to have this enabled by default in Firefox and
disabled by default in Chrome.  And since in both cases the feature is
specifically designed and implemented in a way that preserves user
privacy, I don't think it makes sense to disable it in either case.

- Josh Triplett
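
The lookup flow described in the message above, as an added example that is not part of the original e-mail or of either browser's code. Assumptions: a plain set of 4-byte prefixes stands in for the Bloom filter, URLs are hashed as-is without canonicalization, and `ListServer`, `Client` and the example URLs are hypothetical, constructed names.

```python
import hashlib

PREFIX_LEN = 4  # 32 bits of SHA-256, the partial hash mentioned in the message


def full_hash(url: str) -> bytes:
    """SHA-256 of the URL string (assumption: no canonicalization step)."""
    return hashlib.sha256(url.encode("utf-8")).digest()


class ListServer:
    """Stand-in for the remote service; records every request it receives."""

    def __init__(self, bad_urls):
        self._full = {full_hash(u) for u in bad_urls}
        self.seen_requests = []  # everything the server learns from clients

    def prefixes(self):
        # The periodically downloaded data set (set used in place of a filter).
        return {h[:PREFIX_LEN] for h in self._full}

    def full_hashes_for(self, prefix: bytes):
        self.seen_requests.append(prefix)
        return {h for h in self._full if h[:PREFIX_LEN] == prefix}


class Client:
    def __init__(self, server: ListServer):
        self.server = server
        self.local = server.prefixes()  # local copy, refreshed periodically

    def is_unsafe(self, url: str) -> bool:
        h = full_hash(url)
        prefix = h[:PREFIX_LEN]
        if prefix not in self.local:
            return False  # common case: decided locally, nothing is sent
        # Local hit: send only the 32-bit prefix, then compare full hashes
        # on the client so a filter false positive is still reported safe.
        return h in self.server.full_hashes_for(prefix)


if __name__ == "__main__":
    server = ListServer(["http://malware.example/bad"])  # constructed sample
    client = Client(server)
    for u in ("http://benign.example/", "http://malware.example/bad"):
        print(u, client.is_unsafe(u), [p.hex() for p in server.seen_requests])
```
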


